SecurityWeek reports that North Carolina-based Asheville Eye Associates (AEA) and Colorado-based Delta County Memorial Hospital had data from more than 340,000 individuals compromised following separate data breaches last year.
AEA confirmed being subjected to a cybersecurity incident that resulted in the exposure of information from 193,306 patients — including their names, addresses, health insurance details, and medical treatment data — more than a month after the DragonForce ransomware operation took responsibility for the intrusion against the eye care provider, which was purported to lead to the theft of hundreds of gigabytes of data.
In the other incident, Delta County Memorial Hospital disclosed to Maine regulators that infiltration of its network from May 27 to 30 prompted the theft of 148,363 individuals' names, birthdates, phone numbers, addresses, Social Security numbers, financial data, medical and health insurance details, and driver's license numbers.
"While we have no reason to believe this information has been misused, we want to make you aware of the incident and provide information about what you can do to protect yourself, should you feel it is appropriate to do so," said Delta County in its notification letter.