Ransomware attacks sweep the healthcare sector in the United States

ConsensioHealth, a company based in Wisconsin that provides medical billing services, announced in July 2023 that it fell victim to a ransomware attack, affecting 60,871 individuals.


The personal information of ConsensioHealth customers was stolen, including patients belonging to the likes of Specialty Emergency Medicine, Ascension Wisconsin etc.

The compromised data includes names, addresses, social security numbers, medical details, etc. The company has already enhanced its security measures. In a separate incident in South Carolina, the affected individuals will receive free credit monitoring services and identity theft protection.

Legal firm Constangy, Brooks, Smith & Prophete, representing Burr & Forman, disclosed a cyber attack with implications on the data of Oceans Healthcare and another entity covered by HIPAA. Personal and protected health information of 19,893 individuals is exposed, including names, social security numbers, medical codes, service dates, and insurance information.

Additionally, Sharp Health Plan reported a hacking incident impacting 8,200 members. The data breach occurred through the file transfer solution MOVEit Transfer, used by the affiliated company Delta Dental, between May 27 and May 30, 2023. Though member updates were made in November, the impacts on affected individuals were determined in late December. Stolen data includes names, social security numbers, dental information, and treatment cost details.

Moreover, from reports dating back to September 2023, Rebekah Children’s Services suffered a cyberattack, confirmed by forensic investigation to breach protected health information. Leaked information includes names, addresses, social security numbers, birth dates, health details, insurance information, and driver’s licenses. Security measures have been taken, and the 2,805 affected individuals have been notified, with free access to credit monitoring services provided.