Coos Health & Wellness

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

Coos Health & Wellness, a provider of public and behavioral health services in Coos County, Oregon, experienced a significant data security incident that was first discovered on April 28, 2023. The breach potentially involved unauthorized access to personal and protected health information of individuals who received services from various programs supported by Coos Health & Wellness (CHW). The organization took immediate action by engaging an independent cybersecurity firm to investigate the scope of the breach and to determine whether sensitive information was affected. The investigation concluded that personal and protected health information might have been accessed or acquired without authorization. This information included names, dates of birth, Social Security numbers, driver’s license or state identification card numbers, medical information, and health insurance information.

Following the completion of the investigation, CHW worked to gather current contact information for all potentially impacted individuals, a process that was completed by December 8, 2023. On December 15, 2023, CHW issued notifications to the potentially impacted individuals via the United States Postal Service, providing them with information about the incident and steps they could take to protect their information. Additionally, CHW established a toll-free call center to answer questions and address concerns related to the incident. The call center is available Monday through Friday from 8:00 a.m. to 8:00 p.m. Central Time and can be reached at 1-888-859-7647.

The breach has also attracted attention from legal professionals, with attorneys investigating whether a class action lawsuit can be filed on behalf of the affected individuals. Such a lawsuit could potentially provide compensation for any harm resulting from the breach, including loss of privacy, time spent dealing with the breach, out-of-pocket costs, and more. A successful case could also compel Coos Health & Wellness to take appropriate measures to enhance the protection of the information it holds[1][3].

This incident underscores the importance of robust cybersecurity measures and the need for organizations to be vigilant in protecting sensitive personal and health information from unauthorized access.

Citations:

  1. https://www.prnewswire.com/news-releases/coos-health–wellness-provides-notice-following-data-security-incident-302017157.html
  2. https://dojmt.gov/consumer/databreach/
  3. https://www.classaction.org/data-breach-lawsuits/coos-health-and-wellness
  4. https://apps.web.maine.gov/online/aeviewer/ME/40/list.shtml
  5. http://ago.vermont.gov/document/2023-12-15-coos-health-wellness-data-breach-notice-consumers
  6. https://www.linkedin.com/posts/breachaware_salud-family-health-data-breach-class-action-activity-7123616659088556032-hK7C
  7. https://cooshealthandwellness.org/behavioral-health/client-information/
  8. https://www.healthcarefacilitiestoday.com/facility_operations/default/Information-Technology–10
  9. https://colevannote.com/data-breach-coos-health-wellness/
  10. https://www.newstrail.com/cole-van-note-announces-coos-health-wellness-data-breach-investigation/
  11. https://apps.web.maine.gov/online/aeviewer/ME/40/38754618-af45-4899-92c1-81b205bf813e/6cc4e0b4-b602-4626-a926-cd57db884cc4/document.html
  12. https://www.linkedin.com/pulse/idiq-news-idiqofficial-uetqc?trk=organization_guest_main-feed-card_feed-article-content
  13. https://apps.web.maine.gov/online/aeviewer/ME/40/38754618-af45-4899-92c1-81b205bf813e.shtml
  14. https://www.hackmageddon.com/2024/02/13/1-15-december-2023-cyber-attacks-timeline/
  15. https://en.pressbee.net/show2482032.html?title=coos-health-wellness-provides-notice-following-data-security-inci
Breach Submission Date Sep 07, 2023
Converted Entity Name Coos Health & Wellness
Converted Entity Type Healthcare Provider
State OR
Individuals Affected 21,971
Breach Type Hacking/IT Incident

Breach Information Location Network Server

Business Associate Present Yes