Data Breaches at Woodholme Gastroenterology Associates and SEIU 775 Benefits Group in Washington and an Identity Theft Case

SEIU 775 Benefits Group in Washington has informed around 140,000 of its members regarding the exposure of some of their protected health information (PHI). Around April 4, 2020, SEIU 775 Benefits Group’s IT team discovered anomalous activity inside the group’s data systems, including the evident deletion of selected data files.

Third-party digital forensics specialists were called in to help with the investigation and affirmed that an unauthorized individual had accessed the systems and deleted a number of files that held personally identifiable information (PII) and protected health information. The forensics professionals did not find any evidence that indicates the download or viewing of any PHI. There was also no report received that suggests the misuse of PHI.

The types of information possibly accessed only included names, addresses, and Social Security numbers. Health plan eligibility or enrollment details were likewise probably compromised. Affected persons were provided complimentary credit monitoring and identity theft protection services using Kroll for a year.

50,000 Woodholme Gastroenterology Associates Patients Impacted by Breach

Woodholme Gastroenterology Associates based in Baltimore, MD has found out that an unauthorized person acquired access to its systems and exfiltrated files that held patients’ PHI on February 25, 2021.

The provider detected the security breach on March 1, 2021 and immediately took steps to stop any further unauthorized access. A comprehensive analysis of the files that were exfiltrated or possibly accessed revealed that they included patients’ names, dates of birth, addresses, email addresses, patient ID numbers, diagnoses and/or treatment data. The Social Security numbers, driver’s license numbers, and health insurance details of a limited number of patients were also potentially compromised.

Complimentary credit monitoring and identity protection services were given to people who had their Social Security number or driver’s license number compromised. The post on the HHS’ Office for Civil Rights breach portal indicated that approximately 50,000 patients were affected.

An Employee of Vitality Senior Living Faced with Identity Theft Case

A nursing assistant formerly hired by Vitality Senior Living in Arlington, VA was charged with stealing the identities of 6 residents under her care.

In April, the lady presumably admitted to the executive director that she fraudulently cashed out a $1,200 check of one of the senior residents. Vitality Senior Living dismissed the woman from work and notified law enforcement. The victim reported the matter to the police and stated there were 6 blank checks stolen from his checkbook and two were encashed. The victim additionally reported a number of fraudulent charges were made against his debit card.

The name of the suspect had been written on one of the cashed checks and her brother’s name was written on the other check. The brother was likewise an employee at Vitality Senior Living however was not charged with regards to the incident. The police got photos of the victim’s driver’s license and debit cards on the suspect’s phone together with proof that other 5 residents were targeted, three of whom had been defrauded. The police likewise found evidence that the woman had tried to file bogus unemployment claims and tax returns for persons whose identities can’t be confirmed.

The woman is scheduled to appear in court on May 25, 2021 regarding more than a dozen identity theft charges.