Vitra Home Care, LLC
Your Personal Info Could Be
Exposed Online After
This Hospital Breach
Breach Description
Vitra Home Care, LLC, a Massachusetts-based healthcare provider, experienced a data breach due to a phishing attack that compromised an employee’s email account. The breach was discovered on December 8, 2022, and occurred on December 6, 2022. Vitra Health, Inc. and Vitra Home Care, LLC (collectively referred to as “Vitra”) took immediate action to prevent further unauthorized access by disabling the compromised email account and changing the credentials. They also confirmed that no other email accounts were breached and initiated an internal investigation[4].
Vitra engaged a professional forensic investigator and a security and data privacy consultant to assist with the investigation. The compromised email account contained various types of Protected Health Information (PHI), including names, addresses, dates of birth, phone numbers, referral information, diagnoses, and Health Plan ID numbers. However, the breach did not include Social Security numbers, driver’s licenses, or credit or debit card information[4].
In response to the breach, Vitra expanded its email security, implemented new technical safeguards, and provided additional privacy and security training to its staff. They are also conducting a comprehensive review of their operations and IT systems and have retained outside assistance to perform a HIPAA risk assessment[4].
Vitra has not reported any specific information regarding the impact of the breach on affected individuals. However, they have advised Massachusetts residents of their right to obtain a police report if they are victims of identity theft and have provided resources for placing a security freeze on credit reports[4].
The breach affected 658 Massachusetts residents, as reported in the State data breach browser[10][15].
Citations:
- https://www.mass.gov/doc/assigned-data-breach-number-29245-vitra-health-inc/download
- https://www.mass.gov/doc/data-breach-report-2023/download
- https://cases.stretto.com/public/X070/10255/PLEADINGS/1025508302180000000010.pdf
- https://info.vitrahealth.com/hubfs/Vitra_Breach_June-22-2023.pdf
- https://www.virtahealth.com
- https://hacknotice.com
- https://www.mass.gov/lists/data-breach-notification-letters-march-2023
- https://www.careinhomes.com/Attleboro-MA?page=1
- https://www.town.canton.ma.us/DocumentCenter/View/4076/19-005W-Water-Transmission-Main-Bid-Documents
- https://breachdata.topwords.me/states/MA
- https://www.scribd.com/document/418195974/2019-Home-Care-Alliance-and-Foundation-for-Home-Health-Annual-Report
- https://www.classaction.org/media/ma-data-breach-report.pdf
- https://www.annualreports.com/HostedData/AnnualReportArchive/c/LSE_GLO.L_2017.pdf
- https://vitrahealth.com
- https://breachdata.topwords.me/hipaa?limit=20&offset=260&sort=entity_name
- https://colevannote.com/investigations/