Val Verde Regional Medical Center (“VVRMC”)

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

The breach at Val Verde Regional Medical Center (VVRMC) in Del Rio, Texas, was a significant cybersecurity incident that occurred between March 10, 2022, and March 24, 2022. The breach was discovered on May 12, 2022, and was identified as an external system breach due to hacking. This incident compromised the personal information of 86,562 individuals, including 18 residents of Maine. The compromised information included names or other personal identifiers in combination with Social Security Numbers[1].

In response to the breach, VVRMC took several steps to address the situation and mitigate the impact on affected individuals. The medical center provided written notifications to consumers between May 24, 2022, and May 26, 2022. Additionally, VVRMC offered identity theft protection services through Kroll, which included 12 months of complimentary credit and identity monitoring, a $1,000,000 identity fraud loss reimbursement insurance policy, and access to fraud consultation services[1].

The breach at VVRMC was part of a larger trend of healthcare data breaches in Texas in 2022, highlighting the vulnerability of healthcare institutions to cyberattacks. Healthcare institutions are prime targets for cybercriminals due to the sensitive nature of the information they hold, such as patients’ phone numbers, Social Security numbers, addresses, and medical records. These data breaches not only compromise the privacy and security of patients’ information but also pose significant risks to their financial security and well-being[2][3].

The VVRMC incident was reported to the FBI, and the medical center cooperated with the authorities to hold the perpetrators accountable. Impacted individuals were advised to enroll in the offered identity monitoring and recovery services to protect their personal information and mitigate the risk of identity theft[9].

This breach underscores the importance of robust cybersecurity measures and the need for healthcare institutions to continuously enhance their security protocols to protect sensitive patient information from unauthorized access and cyberattacks[1][2][3].

Citations:

  1. https://apps.web.maine.gov/online/aeviewer/ME/40/4ef47611-2a81-47df-bd70-5a7ca5a483cf.shtml
  2. https://kvia.com/news/texas/stacker-texas/2023/08/03/the-biggest-health-care-data-breaches-you-should-know-about-in-texas/
  3. https://stacker.com/texas/biggest-health-care-data-breaches-you-should-know-about-texas
  4. https://www.dataguidance.com/news/usa-vvrmc-notifies-ocr-data-security-incident
  5. https://www.databreaches.net/tx-val-verde-regional-medical-center-patient-data-dumped-by-lockbit/
  6. https://emrfinder.com/blog/2022-latest-data-breaches/
  7. https://www.ironnet.com/resource-library/dos-and-donts-following-a-data-breach
  8. https://www.databreaches.net/five-ransomware-groups-five-victims-will-it-ever-ease-up/
  9. https://www.prnewswire.com/news-releases/val-verde-regional-medical-center-provides-notification–accessing-of-data-security-incident-301555680.html
  10. https://apps.web.maine.gov/online/aeviewer/ME/40/list.shtml
  11. https://www.vvrmc.org/news/releases/hipaa-compliance/
  12. https://www.scmagazine.com/analysis/after-hive-cyberattack-partnership-healthplan-confirms-data-theft-affecting-855k
  13. https://healthitsecurity.com/news/several-healthcare-providers-report-recent-data-breaches
  14. https://www.beckershospitalreview.com/cybersecurity/patient-info-accessed-in-texas-hospital-data-breach.html
  15. https://www.thelyonfirm.com/blog/val-verde-regional-medical-data-breach/
  16. https://www.turkestrauss.com/2022/06/02/val-verde-regional-medical-center-data-breach-investigation/
Breach Submission Date May 24, 2022
Converted Entity Name Val Verde Regional Medical Center (“VVRMC”)
Converted Entity Type Healthcare Provider
State TX
Individuals Affected 86,562
Breach Type Hacking/IT Incident

Breach Information Location Network Server

Business Associate Present Yes