Another 15,000 patients have been added to the breach tally of the Eye Care Leaders ransomware attack from nearly one year ago.
Massengale Eye Care issued a breach notice to patients in late October, informing them that their data was also compromised during what remains the largest incident reported in healthcare this year at nearly 3.7 million impacted patients.
While mainstream media outlets have recently warned that the CommonSpirit Health cyberattack could impact 20 million patients, the massive health system’s financial report from this week again stated that they are still investigating and have not found evidence of patient data impacts. As such, ECL still holds the dubious top position.
As reported, ECL’s EMR was hit with a ransomware attack on Dec. 4, after a threat actor accessed the platform and deleted databases and system configuration files. Without the data, it was not possible to identify whether the data was accessed or exfiltrated before it was deleted.
The compromised data varied by provider and patient, and for Massengale the data could include names, contact information, dates of birth, Social Security numbers, diagnostic details, and health insurance information.
ECL has not issued its own breach notice with the Department of Health and Human Services, as it defends itself against a provider-led lawsuit accusing the cloud EMR vendor of concealing additional ransomware incidents deployed earlier this year.
A number of providers affected by those alleged incidents spoke exclusively with SC Media, detailing their frustration over the stonewalling. The lawsuit status was last updated in October, with at least 13 filings to extend the time to respond to the claims and two more filings requesting the case be dismissed. In these filings, ECL has repeatedly denied these claims.
CorrectCare security incident swells to 607K impacted individuals
Two more healthcare entities have filed breach notices with HHS, after their medical claims processing vendor CorrectCare informed them that their patient information was exposed due to two misconfigured file databases in July.