KY Cabinet for Health and Family Services (CHFS)
Your Personal Info Could Be
Exposed Online After
This Hospital Breach
Breach Description
The breach at the Kentucky Cabinet for Health and Family Services (CHFS) was reported by HackNotice, a service that monitors data streams related to breaches, leaks, and hacks[1]. However, the details of the breach, such as the date it occurred, the nature of the compromised data, and the number of individuals affected, are not provided in the search results.
It is important to note that while the search results mention a data breach at Kentucky Catholic Health Initiatives hospitals, which was part of a ransomware attack on the CommonSpirit health-care system affecting several states including Kentucky, this incident is separate from the CHFS breach[2].
The CHFS has policies in place for privacy impact assessments, incident response, and reporting, as well as privacy and security awareness programs, which outline procedures for auditing, monitoring, and responding to security incidents[3][4][5]. These policies are designed to protect sensitive and confidential information and to ensure compliance with state and federal regulations.
Previous incidents involving CHFS include a breach reported in 2015, where 1,090 Medicaid clients were notified about a security breach that may have resulted in the unintentional release of information held by a subcontractor’s employee who fell for a telephone computer scam[7]. Another incident in 2012 involved a phishing attack that compromised the email server of the Kentucky Department for Community Based Services, potentially exposing personal information of approximately 2,500 individuals[17].
For the most recent breach at CHFS, the specific details are not available in the provided search results. Individuals concerned about their data or seeking more information about the breach would typically be advised to contact CHFS directly or monitor their statements and credit reports for any unauthorized activity.
Citations:
- https://hacknotice.com/2023/12/02/ky-cabinet-for-health-and-family-services-chfs/
- https://www.heraldledger.com/uncategorized/kentucky-catholic-health-initiatives-hospitals-suffer-data-breach/article_3c98bc2b-23e2-53fd-94cb-fa2dec8f92b1.html
- https://www.chfs.ky.gov/agencies/os/oats/polstand/Privacy-%20Monitoring%20Oversight%20and%20Audit%20Privacy%20Controls%20Policy.pdf
- https://www.chfs.ky.gov/agencies/os/oats/polstand/050102Information%20Systems%20IR%20and%20Reporting.pdf
- https://www.chfs.ky.gov/agencies/os/oats/polstand/050101Privacy%20and%20Security%20Awareness%20Program.pdf
- https://casetext.com/case/ky-cabinet-for-health-family-servs-v-puckett
- https://www.databreaches.net/cabinet-for-health-and-family-services-notifies-1090-medicaid-patients-after-subcontractors-employee-fell-for-a-scam/
- https://www.kentoncounty.org/AgendaCenter/ViewFile/Item/3695?fileID=5838
- https://oig.hhs.gov/oas/reports/region4/41800123.pdf
- https://www.chfs.ky.gov/agencies/dph/dls/Documents/HIPAAForm.pdf
- https://medicine.uky.edu/sites/default/files/inline-files/KHIE%20CyberSecurity%20Issues%206-09-2017.pdf
- https://www.kentucky.gov/government/Pages/agency.aspx
- https://casetext.com/case/puckett-v-cabinet-for-health-family-servs
- https://www.fcc.gov/sites/default/files/cma-kentucky-lifeline-12172018.pdf
- https://silverleafky.org/mandatory-reporting/
- https://caselaw.findlaw.com/court/ky-supreme-court/2170857.html
- https://www.scmagazine.com/news/kentucky-health-agency-breached-after-worker-falls-for-phish-ploy
- https://law.justia.com/cases/kentucky/supreme-court/2021/2019-sc-0282-dg.html
- https://www.kentucky.gov/policies/Pages/default.aspx
- https://casetext.com/case/lunsford-v-kentucky-cabinet-for-health-family-servs