Hi-School Pharmacy

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

Hi-School Pharmacy Data Breach Overview

On November 3, 2023, Hi-School Pharmacy, a drug store chain based in Vancouver, Washington, experienced a significant cybersecurity incident that led to a disruption in its computer network. This incident was identified as a ransomware attack, where unauthorized access was gained to parts of the network that contained protected health information[3]. The breach affected a substantial number of individuals, with sensitive personal information being compromised.

Information Compromised

The data accessed and potentially acquired without authorization included a range of personal and sensitive information of current and former patients, such as:

  • Names

  • Phone numbers

  • Addresses
  • Dates of birth
  • Provider names
  • Treatment information
  • Prescription information
  • Social Security numbers[1]

Response and Measures Taken

Upon discovering the incident, Hi-School Pharmacy promptly initiated an investigation with the assistance of digital forensic experts. The investigation determined the nature and scope of the data compromised. To address the concerns of those affected and provide support, Hi-School Pharmacy established a toll-free call center and offered credit monitoring and identity theft protection services[1][3]. The company also notified the FBI and took steps to enhance network security to minimize the risk of future incidents[1].

Legal and Regulatory Actions

Following the breach, there has been legal interest in the incident, with law firms investigating claims on behalf of the victims for potential class action lawsuits. These investigations aim to explore the legal rights of those affected by the breach and seek remedies[5][7]. Additionally, the breach has been reported to relevant authorities, including the Maine Attorney General and the Washington State Attorney General’s Office, indicating the number of individuals impacted and the nature of the information compromised[3][13].

Conclusion

The Hi-School Pharmacy data breach is a significant event that underscores the importance of cybersecurity measures for protecting sensitive health information. The incident has led to legal scrutiny and regulatory reporting, reflecting the serious implications of data breaches on personal privacy and security. Hi-School Pharmacy’s response to the breach, including immediate investigation, notification of affected individuals, and offering support services, is part of the effort to mitigate the impact on those whose information was compromised.

Citations:

  1. https://hi-schoolpharmacy.com/system-disruption/
  2. https://www.washington.edu
  3. https://www.hipaajournal.com/ransomware-foursquare-healthcare-hi-school-pharmacy/
  4. https://healthy.kaiserpermanente.org/maryland-virginia-washington-dc/front-door
  5. https://www.msdlegal.com/blog/2023/12/hi-school-pharmacy-data-breach-class-action-lawsuit-investigation/
  6. https://home.hamptonu.edu
  7. https://abingtonlaw.com/Hi-School-Pharmacy-Data-Breach-class-action-lawsuit.html
  8. https://www.foxnews.com
  9. https://www.turkestrauss.com/2023/12/06/hi-school-pharmacy-data-breach-investigation/
  10. https://www.walmart.com/blocked?g=b&url=Lw%3D%3D&uuid=9bb9adc6-8152-11ee-adef-294ecc0f47d6
  11. https://www.mass.gov/doc/assigned-data-breach-number-31095-hi-school-pharmacy-12-6-23/download
  12. https://www.sandiegouniontribune.com
  13. https://www.atg.wa.gov/data-breach-notifications
  14. https://www.georgetown.edu
  15. https://www.redpacketsecurity.com/lockbit-3-0-ransomware-victim-hi-schoolpharmacy-com/
  16. https://www.uiw.edu
Breach Submission Date Dec 05, 2023
Converted Entity Name Hi-School Pharmacy
Converted Entity Type Healthcare Provider
State WA
Individuals Affected 12,779
Breach Type Hacking/IT Incident

Breach Information Location Network Server

Business Associate Present Yes