Covenant Care California, LLC

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

Covenant Care California, LLC, experienced a significant data breach that was first reported in November when the ransomware group Hunters International claimed responsibility for attacking the healthcare provider. Since the attack, there has been an ongoing leak of patients’ Protected Health Information (PHI) and employees’ personal information on the dark web. Covenant Care operates 29 locations across California and Nevada, offering a range of services including skilled nursing, residential care, therapy services, and home health care. Despite the severity of the breach, there has been no official notice on Covenant Care’s website or any indication of service disruptions. The organization did not immediately respond to inquiries regarding the breach or patient notification efforts[1].

This incident is not the first cybersecurity challenge faced by Covenant Care. Previous incidents include a phishing attack in March 2019 affecting 7,678 patients and another in February 2022 impacting 23,093 patients at Wagner Heights Nursing and Rehabilitation Center. These breaches involved sensitive information such as Social Security numbers, medical records, and health insurance details. Following these incidents, Covenant Care implemented additional safeguards and offered affected individuals free credit monitoring and identity theft restoration services[1].

In April 2022, another breach occurred involving multiple employee email accounts, compromising patients’ names, medical information, health insurance information, dates of birth, Social Security numbers, driver’s license numbers, and other personal information. The unauthorized access period spanned from February 24, 2022, to May 3, 2022. Covenant Care issued data breach letters and took steps to secure the compromised accounts, with their review of the incident still ongoing[3].

Covenant Care California, LLC, is a significant provider in the region, operating 30 facilities and employing over 8,000 people. The company generates approximately $1 billion in annual revenue and provides care for more than 4,000 residents and patients[3].

The breach notification provided by Covenant Care to affected individuals detailed the incident’s nature, the types of information involved, and the steps the company is taking to address the breach. This includes securing the services of Kroll for identity monitoring at no cost to affected individuals for one year[5].

This series of data breaches at Covenant Care highlights the ongoing challenges healthcare providers face in securing sensitive patient and employee information against increasingly sophisticated cyberattacks.

Citations:

  1. https://www.databreaches.net/covenant-care-patient-and-employee-data-being-leaked-by-ransomware-group/
  2. https://www.covenanthealth.com
  3. https://www.jdsupra.com/legalnews/covenant-care-california-llc-issues-5842897/
  4. https://www.pressdemocrat.com
  5. https://oag.ca.gov/system/files/Covenant%20Care%20-%20Sample%20Notice.pdf
  6. https://www.providence.org
  7. https://www.calprivacy.com/post/covenant-care-california-s-wagner-heights-nursing-and-rehab-center-reports-data-breach
  8. https://www.morganstanley.com
  9. https://privacyrights.org/data-breaches/covenant-care-california-llc-behalf-relevant-affiliated-nursing-facilities
  10. https://www.arbella.com
  11. https://www.legalscoops.com/covenant-cares-data-breach-continues-to-grow-across-california/
  12. https://www.piedmont.org
  13. https://trellis.law/case/23pscv03229/covenant-care-california-llc-a-california-limited-liability-company-vs-rockport-healthcare-support-services-llc-a-california-limited-liability-company-et-al
  14. https://www.comfortkeepers.com
  15. https://oag.ca.gov/ecrime/databreach/reports/sb24-145240
  16. https://amtrustfinancial.com
Breach Submission Date Jan 12, 2024
Converted Entity Name Covenant Care California, LLC
Converted Entity Type Healthcare Provider
State CA
Individuals Affected 501
Breach Type Hacking/IT Incident

Breach Information Location Network Server

Business Associate Present Yes