PHI Compromised in Tech Etch Ransomware Attack and UNC Hospitals Insider Breach

Tech Etch, based in Plymouth, MA, manufactures adaptable printed circuits, precision-engineered thin metal parts, and EMI/RFI shielding. It has reported a ransomware attack that resulted in the potential compromise of the personal data and protected health information (PHI) of current and former employees.

Organizations such as Tech Etch would not typically be expected to adhere to HIPAA; nonetheless, the firm provides a health plan for its workers and, therefore, is categorized as a HIPAA-covered entity.

Tech Etch identified the ransomware attack on August 25, 2021. The investigators determined that the attackers gained access to its network on August 20. Tech Etch engaged an external forensic cybersecurity group to help with the breach investigation, help protect its systems, and stop further unauthorized access. Tech Etch had backups that were not impacted and was able to restore all encrypted information without paying the ransom.

Several safeguards had been put in place to protect employees' personal data and protected health information; however, despite those security measures, some employee information may have been stolen. Tech Etch stated that no direct proof of data staging or data exfiltration was discovered, and the investigation showed that the hackers did not access the HR servers that contain employee data. The attackers did try to gain access to backups that contain employee data, but Tech Etch had encrypted the backups, so they were not viewable. Some employee data, such as names, addresses, dates of birth, Social Security numbers, and personal health information, was contained in its email environment and may have been accessed or exfiltrated.

Tech Etch did not find any evidence that any worker information was stolen or misused, and it does not appear that any worker data was published publicly.

Affected workers were told to monitor their explanation of benefits statements, credit reports, and accounts for signs of fraudulent activity and to promptly report any suspicious transactions they identify. Tech Etch has already taken steps to improve its security systems to prevent further security incidents and will keep reviewing those procedures to ensure they remain effective.

Tech Etch has reported the ransomware attack to the Department of Health and Human Services' Office for Civil Rights and the Massachusetts Attorney General. It is not yet known how many people were affected.

UNC Hospitals Identifies Insider Breach and Data Theft

The PHI of 719 patients of UNC Hospitals was stolen by a former employee, who used the patient records for monetary gain.

The healthcare provider, based in Chapel Hill, NC, identified the unauthorized access on September 10, 2021. The employee in question handled patients' payments for services at a number of UNC Hospitals clinics and was allowed access to sensitive patient information to perform work responsibilities.

The employee stole patients' demographic details, financial data, copies of insurance cards, Social Security numbers, and patients' driver's licenses and used those details to fraudulently obtain goods and services.

Patients whose PHI was stolen or misused by the former employee were informed by mail and were offered a year of complimentary credit monitoring services. The UNC Hospitals Police Department has begun a criminal investigation into the incident.