The Neurological Institute of Savannah & Center for Spine and East Central Missouri Behavioral Health Services have started notifying individuals about hacking incidents and data breaches that occurred last year.
The Neurological Institute of Savannah & Center for Spine
The Neurological Institute of Savannah & Center for Spine (NeuroSav) in Georgia has announced a data breach from last summer. The HIPAA Journal first reported a potential data breach in August 2024, after the RansomHub ransomware group added NeuroSav to its dark web data leak site. RansomHub claimed to have exfiltrated “hundreds of gigabytes of data,” but said that, as a “goodwill gesture,” files were not encrypted.
Notification letters are being mailed to the 32,548 affected individuals, and complimentary credit monitoring services have been offered. NeuroSav said it is unaware of any instances of the stolen data being used for identity theft or fraud. NeuroSav said it had implemented practices to safeguard sensitive patient data prior to the breach and has been enhancing those safeguards since, including adopting additional encryption technologies, global password rotation across all access points and programs, and new and periodic technical safeguards, in addition to providing additional training to the workforce.
East Central Missouri Behavioral Health Services (Arthur Center Community Health)…