Over 70K records exposed in recent Arizona data breach

Around December 13, 2024, Primary Health-SMMPP and U.S. Healthworks-SMMPP, two HIPAA business associates based in Arizona, detected unusual activity in their server. Ultimately, the business associates determined they had experienced a data breach.

What happened 

Soon after the unusual activity was detected, a third-party digital forensics firm was engaged to investigate the potential data breach, confirming that an unauthorized third party had breached the server's defenses and may have accessed or copied stored data. On January 7th, 2025, the data review concluded. Ultimately, the team determined that compromised data included names, dates of birth, dates of service, and, in some cases, Social Security numbers. 

Primary Health-SMMPP reported the breach to the HHS Office for Civil Rights (OCR), affecting 67,567 individuals, while U.S. Healthworks-SMMPP reported 10,673 affected individuals. In response, both entities are offering complimentary credit monitoring and identity theft protection services for 12 to 24 months.

Why it matters 

The recent incidents, like these and others reported in Kansas, Ohio, and New York, reveal a trend of increasingly sophisticated cyberattacks targeting both covered entities and business associates. At a time when digital records gain popularity amongst healthcare providers, these attacks stand to place the vast amounts of electronic protected health information (ePHI) in danger. Organizations have to constantly adapt to use more advanced cybersecurity measures in line with those recommended by regulatory organizations like the HHS and the CISA. 

Related: HIPAA Compliant Email: The Definitive Guide

FAQs

What are the common targets of cyberattacks in healthcare?

Cyberattacks often target healthcare organizations' IT systems, medical devices, and patient data, aiming to disrupt operations or steal sensitive information like medical records and financial data. 

How do cyberattacks affect healthcare operations?

Cyberattacks can lead to disruptions in patient care, delays in billing and insurance claims processing. 

What types of cyberattacks are most prevalent in healthcare?

Ransomware attacks, such as those by groups like BlackCat, are common. These attacks involve encrypting data and demanding payment for decryption keys.