Security Affairs
Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Community Health Center data breach impacted over 1 million patients

Community Health Center (CHC) data breach impacted over 1 million patients in Connecticut, the healthcare provider started notifying them. Community Health Center (CHC) is a leading healthcare provider based in Connecticut, offering primary care, dental, behavioral health, and specialty services. It serves a diverse patient population, focusing on accessible and affordable healthcare, particularly for underserved […]

University of Pennsylvania

Community Health Center (CHC) data breach impacted over 1 million patients in Connecticut, the healthcare provider started notifying them.

Community Health Center (CHC) is a leading healthcare provider based in Connecticut, offering primary care, dental, behavioral health, and specialty services. It serves a diverse patient population, focusing on accessible and affordable healthcare, particularly for underserved communities.

The healthcare provider is notifying over 1 million patients of a data breach that exposed their personal and medical data.

According to the data breach notification shared with Maine’s attorney general, threat actors gained access to the CHC network in mid-October 2024, but the organization discovered the security breach only on January 2, 2025. The company that a skilled cybercriminal was behind the attack.

“On January 2, 2025, we noticed unusual activity in our computer systems. That same day, we brought in experts to investigate and reinforce the security of our systems. They found that a skilled criminal hacker got into our system and took some data, which might include your personal information.” reads the data breach notification sent to the impacted individuals. “Fortunately, the criminal hacker did not delete or lock any of our data, and the criminal’s activity did not affect our daily operations. We believe we stopped the criminal hacker’s access within hours, and that there is no current threat to our systems.”

CHC pointed out that threat actors did not delete or encrypt patients’ information.

The exposed data may include patient name, birth date, contact info, diagnoses, treatments, test results, Social Security number, and health insurance details. The compromised data varies for each individual.

The company responded to the incident by enhancing security measures and implementing monitoring software to detect suspicious activity. They assured customers that there is no evidence of data misuse. To further protect affected individuals, the company is offering free identity theft protection through IDX, including 24 months of credit and cyber monitoring, a $1,000,000 insurance reimbursement policy, and identity recovery assistance.

Recently, UnitedHealth revealed that the Change Healthcare data breach is worse than initially estimated, the incident has impacted 190 million people.

According to the Associated Press, UnitedHealth booked $1.1 billion in total costs from the cyberattack in the second quarter.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, CHC)