Vecino Health Centers

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

Vecino Health Centers, a Federally Qualified Health Center operating in northeast Houston, Texas, experienced a data breach as part of the MOVEit cyberattack. This incident, which occurred on May 30, 2023, affected several industries across the US and worldwide. The breach at Vecino Health Centers involved unauthorized access to a MOVEit server, a managed file transfer software program used by Harris Health, with whom Vecino Health Centers shares information. As a result, the names, dates of birth, and prescription dates of a portion of Vecino Health Centers’ patient base were compromised. However, the breach did not impact any electronic medical records or compromise sensitive financial information such as social security numbers, bank account information, or other financial details[1][3].

Vecino Health Centers has taken steps to mitigate the impact of the breach, including notifying affected patients by mail and providing them with information on how to monitor and protect their personal information. Patients have also been advised to be cautious of any bills or phone calls seeking payment from individuals claiming to represent Vecino Health Centers and to verify such requests with their home clinic directly[1].

In response to the breach, Harris Health, the entity responsible for the MOVEit server, has implemented all available patches from the software provider and taken additional remediation steps to secure its server. Both Harris Health and Vecino Health Centers are committed to enhancing their secure file transfer protocols to prevent future incidents[1].

Vecino Health Centers, established in 1999, is dedicated to making quality healthcare accessible and sustainable to the medically underserved in Houston. It operates two community health centers in northeast Houston: Denver Harbor Family Health Center and Airline Children & Women’s Health Center[1].

Citations:

  1. https://vecinohealthcenters.org/vecino-health-centers-mitigates-impact-of-moveit-cyber-attack/
  2. https://www.grifols.com/en/home
  3. https://www.beckershospitalreview.com/cybersecurity/texas-health-center-affected-by-moveit-breach.html
  4. https://mychart.ochin.org/mychart/Authentication/Login
  5. https://www.beckersasc.com/asc-news/11-hospitals-health-systems-hit-by-data-breaches-in-4-weeks.html
  6. https://www.gwinnettcounty.com
  7. https://vecinohealthcenters.org/whats-new/
  8. https://theconversation.com/us
  9. https://blackkite.com/data-breaches-caused-by-third-parties/
  10. https://www.bradenton.com
  11. https://thecyberwire.com/newsletters/privacy-briefing/5/154
  12. https://www.fmcsa.dot.gov
  13. https://konbriefing.com/en-topics/cyber-attacks-moveit-victim-list.html
  14. https://european-union.europa.eu/index_en
  15. https://breachdata.topwords.me/states/TX?limit=20&offset=40&sort=published_date
  16. https://www.cia.gov
Breach Submission Date Aug 22, 2023
Converted Entity Name Vecino Health Centers
Converted Entity Type Healthcare Provider
State TX
Individuals Affected 1,339
Breach Type Hacking/IT Incident

Breach Information Location Network Server

Business Associate Present Yes