Independent Case Management, INC.
Your Personal Info Could Be
Exposed Online After
This Hospital Breach
Breach Description
Independent Case Management, Inc. Data Breach
Independent Case Management, Inc. (ICM), an Arkansas-based nonprofit organization that provides in-home and community-based support to people with intellectual and developmental disabilities, experienced a data breach that was reported on August 3, 2022. The breach was classified as a hacking/IT incident and affected 3,307 individuals[7].
The ransomware attack was discovered when a ransom note dated December 24, 2021, was found on June 15, 2022. The unauthorized party managed to access and encrypt data on three servers containing historical employee and customer data. The compromised information included names, addresses, Social Security numbers, birth dates, health records, insurance plan information, payment information, Medicaid numbers, and employment files[10].
ICM began notifying affected individuals and recommended that they monitor their health insurance claims and financial account information for any signs of fraudulent activity. The organization also performed security scans of its systems and implemented additional security measures. Furthermore, ICM committed to providing additional security training to all employees and conducting periodic risk assessments to prevent future incidents[10].
For those affected by the breach, it is advisable to remain vigilant by reviewing account statements and credit reports, and considering placing a fraud alert on their credit files.
Citations:
- https://www.hipaajournal.com/cyberattacks-reported-by-independent-case-management-conifer-health-solutions/
- https://www.turkestrauss.com/2023/12/11/independent-living-systems-data-breach-investigation-2/
- https://www.hackmageddon.com/2022/09/08/1-15-august-2022-cyber-attacks-timeline/
- https://www.arkansasonline.com/news/2022/dec/30/nashville-hospital-hit-by-data-breach/
- https://www.idstrong.com/sentinel/arkansas-health-system-discloses-data-breach/
- https://www.hipaajournal.com/october-2023-healthcare-data-breach-report/
- https://arkadelphian.com/2023/08/04/the-biggest-health-care-data-breaches-you-should-know-about-in-arkansas-stacker/
- https://www.hhs.gov/about/news/2023/05/16/hhs-office-civil-rights-settles-hipaa-investigation-arkansas-business-associate-medevolve-following-unlawful-disclosure-phi-unsecured-server-350-000.html
- https://www.cisa.gov/forms/report
- https://healthitsecurity.com/news/several-orgs-impacted-by-email-security-breach-at-rcm-vendor
- https://apnews.com/article/blackbaud-data-breach-settlement-dba8fac12af30f74691c7af4fec69a14
- https://www.icm-inc.org/contact-us/
- https://www.defensorum.com/independent-case-management-conifer-health-solutions-report-cyberattacks/
- https://healthitsecurity.com/news/arkansas-hospital-notifies-patients-of-healthcare-data-breach
- https://store.samhsa.gov/sites/default/files/sma15-4215.pdf
- https://www.icm-inc.org
- https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf
- https://www.securityweek.com/data-breach-at-independent-living-systems-impacts-4-million-individuals/
- https://www.hipaajournal.com/hipaa-breaches/