Sierra County (Department of Public Health, Department of Behavioral Health)
Your Personal Info Could Be
Exposed Online After
This Hospital Breach
Breach Description
Sierra County in California experienced a significant data breach that was detected on March 5, 2023, after a sophisticated cyberattack occurred around February 21, 2023. The county took immediate action to secure its systems and prevent further unauthorized access. They also engaged third-party cybersecurity experts to investigate the breach[1].
The investigation revealed that the attackers had gained access to parts of the network containing sensitive information, including names, addresses, dates of birth, email addresses, phone numbers, Social Security numbers, driver’s license or government ID numbers, medical/prescription or health insurance-related information, drug or alcohol screening results, credit or debit card numbers, biometric data, or financial account/routing numbers. Despite the extensive nature of the breach, there was no evidence found to suggest that the impacted data had been misused[1].
The Department of Public Health and Department of Behavioral Health in Sierra County confirmed that the protected health information (PHI) of 2,463 individuals was exposed and potentially stolen in the attack. In response to the breach, Sierra County has taken steps to enhance its cybersecurity measures and is likely continuing to monitor the situation for any potential misuse of the exposed data[1].
The breach at Sierra County is a reminder of the importance of robust cybersecurity practices, especially for public health departments that handle sensitive personal and health information. It also underscores the need for quick detection and response to minimize the impact of such cyber incidents[1].
Citations:
- https://www.hipaajournal.com/prime-healthcare-data-breach/
- https://www.sierracounty.ca.gov/AgendaCenter/ViewFile/Item/8207?fileID=7948
- https://www.cdph.ca.gov/Programs/OLS/CDPH%20Document%20Library/DPH-11-009-Final-Reg-Text-ADA.pdf
- https://laist.com/news/health/la-county-department-of-mental-health-announces-it-was-victim-of-cyberattack
- https://www.hipaaguidelines101.com/data-breaches-reported-by-sierra-county-advarra-foursquare-healthcare-east-river-medical-imaging-and-hi-school-pharmacy/
- http://www.sierracounty.ca.gov/AgendaCenter/ViewFile/Item/7641?fileID=7448
- https://www.jonesday.com/en/insights/2021/09/california-attorney-general-issues-bulletin-on-health-data-breach-reporting-requirements
- https://www.cnn.com/2023/03/10/politics/cerebral-mental-health-privacy-data-exposure/index.html
- https://oag.ca.gov/privacy/databreach/list
- http://www.sierracounty.ca.gov/AgendaCenter/ViewFile/Item/9494?fileID=9537
- https://portswigger.net/daily-swig/california-public-office-admits-covid-19-healthcare-data-breach
- https://file.lacounty.gov/SDSInter/dmh/1153323_PROJECTHOUNDSUBSTITUTENOTICE.pdf
- https://www.sierracounty.ca.gov/765/County-Departments
- https://breachdata.topwords.me/hipaa?limit=20&offset=80&sort=reported_date
- https://lewisbrisbois.com/privacy/US/California/data-breach
- https://www.the74million.org/article/trove-of-l-a-students-mental-health-records-posted-to-dark-web-after-cyber-hack/
- https://www.cdph.ca.gov/Programs/CHCQ/LCP/Pages/MedicalBreaches.aspx
- https://www.jdsupra.com/legalnews/california-issues-new-health-facility-1987034/
- https://www.healthleadersmedia.com/strategy/ca-investigating-latest-health-net-data-breach
- https://sierracounty.ca.gov/AgendaCenter/ViewFile/Item/11532?fileID=12112
- https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf
- https://www.sierracounty.ca.gov/AgendaCenter/ViewFile/Item/10487?fileID=10694
- https://www.bakerdonelson.com/what-you-should-know-about-californias-new-health-facility-breach-reporting-regulations
- https://www.sierracounty.ca.gov/AgendaCenter/ViewFile/Item/9732?fileID=9988