Grant Regional Health Center

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

Grant Regional Health Center in Lancaster, Wisconsin, experienced a data breach that involved unauthorized access to sensitive personal identifiable information and protected health information of its patients. The breach occurred when an unauthorized actor accessed an employee email account between March 20 and March 24, 2023. The types of information exposed included names, Social Security numbers, dates of birth, medical information, health insurance information, taxpayer ID numbers, and financial account information[1][4].

Grant Regional Health Center began notifying affected individuals on May 23, 2023, and has taken steps to enhance email security to prevent future breaches. As of the time of the notifications, the hospital reported that it was unaware of any misuse of the information from the breach. The total number of patients affected by the breach was 4,135[4].

Patients who were impacted by the breach were advised to review the breach notice, enroll in any free credit monitoring services provided by Grant Regional Health Center, change passwords and security questions for online accounts, regularly review account statements, monitor credit reports, and contact a credit bureau to request a temporary fraud alert[1].

Grant Regional Health Center is a critical access hospital and multi-specialty physician practice that offers a variety of healthcare services. It was founded in 1955, employs over 300 individuals, and operates clinics in Lancaster, Cassville, Potosi, and Fennimore, Wisconsin[1].

The law firm Turke & Strauss LLP is investigating the data breach at Grant Regional Health Center and is seeking to speak with affected individuals regarding their rights and potential legal remedies[1].

Citations:

  1. https://www.turkestrauss.com/2023/05/31/grant-regional-health-center-data-breach-investigation/
  2. https://www.pullcom.com/newsroom-publications-HEALTH-CARE-INSIGHTS-Winter-2013
  3. https://www.cdc.gov/vaccines/programs/bridge/index.html
  4. https://www.beckershospitalreview.com/cybersecurity/wisconsin-hospital-notifies-patients-of-unauthorized-access-to-phi.html
  5. https://www.dhs.wisconsin.gov/news/releases/100722.htm
  6. https://www.cbsnews.com/?ftag=CNM-16-10abc6g
  7. https://www.grantregional.com/news/
  8. https://www.databreaches.net/hhs-web-site-reveals-three-new-breaches/
  9. https://www.hrw.org
  10. https://casetext.com/case/sheikh-v-grant-regl-health-ctr-4
  11. https://www.fsa.usda.gov
  12. https://www.hipaajournal.com/idaho-hospitals-divert-ambulances-clinic-closes-cyberattack/
  13. https://www.foxbusiness.com
  14. http://www.hospitalinspections.org/hospital/grant-regional-healt-521322
  15. https://www.casdonline.org
  16. https://www.grantregional.com/patients-and-visitors/patient-stories/
  17. https://www.texashealth.org
  18. https://www.wiwd.uscourts.gov/opinions/pdfs/2011/Sheikh%20v.%20Grant%20Regional%20Health%20Center_No.%2011-cv-001_Final%20Order.pdf
  19. https://www.governmentjobs.com/careers/sanbernardino
Breach Submission Date May 23, 2023
Converted Entity Name Grant Regional Health Center
Converted Entity Type Healthcare Provider
State WI
Individuals Affected 4,135
Breach Type Hacking/IT Incident

Breach Information Location Email

Business Associate Present Yes