Partnership HealthPlan of California
Your Personal Info Could Be
Exposed Online After
This Hospital Breach
Breach Description
In March 2022, Partnership HealthPlan of California (PHC) experienced a significant cybersecurity incident that affected the personal information of approximately 854,913 individuals. This cyberattack, attributed to the Hive ransomware group, led to the potential compromise of sensitive health information[1][5]. Following the incident, PHC faced a proposed class-action lawsuit alleging that the organization failed to adequately secure the personal information of its members[3][5]. The lawsuit claims that PHC did not take necessary steps to prevent the attack and has been accused of not promptly notifying the victims about the breach of their personal data as required under both federal and state laws[5].
The Hive ransomware group, known for targeting healthcare organizations, claimed responsibility for the attack, stating they had stolen 850,000 personally identifiable information (PII) records from PHC[5]. In response to the cyberattack, PHC replaced its traditional webpage with a notice about the system downtime due to “anomalous activity” and worked on restoring its website functionality[5]. Despite these efforts, there was criticism regarding PHC’s communication and handling of the breach aftermath, particularly concerning the timely notification to affected individuals[5].
This incident underscores the growing threat of ransomware attacks on healthcare organizations, highlighting the importance of robust cybersecurity measures and prompt incident response strategies to protect sensitive patient information[5].
Citations:
- https://www.hipaajournal.com/over-850000-individuals-affected-by-partnership-healthplan-of-california-cyberattack/
- https://www.placer.ca.gov/9488/Transition-to-Partnership-HealthPlan
- https://janssenlaw.com/class-action-lawsuit-alleges-partnership-healthplan-of-california-allowed-data-of-up-to-850000-enrollees-subject-to-ransomware-attack/
- https://kymkemp.com/2024/02/13/partnership-health-plan-of-california-honors-st-joseph-hospital-redwood-memorial-hospital-for-high-quality/
- https://healthitsecurity.com/news/ca-health-plan-faces-lawsuit-after-cybersecurity-incident-linked-to-hive-ransomware
- https://www.sierrasun.com/news/new-managed-care-plan-for-nv-county-medi-cal-recipients/
- https://www.thelyonfirm.com/class-action/data-breach/partnership-healthplan-california/
- https://finance.yahoo.com/news/california-teens-equitable-access-mobile-110500503.html
- https://oag.ca.gov/system/files/Partnership%20HealthPlan%20of%20California%20-%20Sample%20notice.pdf
- https://medcitynews.com/2023/11/teen-mental-health-schools-health-plan/
- https://www.scmagazine.com/analysis/after-hive-cyberattack-partnership-healthplan-confirms-data-theft-affecting-855k
- https://www.businesswire.com/news/home/20231003148045/en/AEG-Announces-Expansion-of-Relationship-With-Blue-Shield-of-California-Names-the-Health-Plan-as-an-Official-Helmet-Partner-of-the-LA-Kings-and-Ontario-Reign
- https://www.pressdemocrat.com/article/news/ransomware-group-claims-responsibility-for-partnership-healthplan-internet/
- https://www.bankinfosecurity.com/partnership-health-plan-california-systems-still-down-a-18817
- https://www.jdsupra.com/legalnews/data-breach-alert-partnership-9507071/
- https://www.pressdemocrat.com/article/news/medi-cal-healthplan-website-and-computer-systems-down/