On December 6, 2022, Suncoast Skin Solutions filed notice of a data breach with the Attorney General of Maine after determining that an unauthorized party was able to access confidential patient information stored on the company’s computer system. Based on the company’s official filing, the incident resulted in an unauthorized party gaining access to patients’ names, dates of birth, Social Security numbers, clinical information, doctor’s notes,

On December 6, 2022, Acuity Brands filed notice of a data breach with the Maine Attorney General after the company learned of a data security incident that exposed employee information to unauthorized access. Based on the company’s official filing, the incident resulted in an unauthorized party gaining access to employees’ names, Social Security numbers, driver’s license numbers and financial account information. After confirming that employee data

On November 30, 2022, Suffolk University filed notice of a data breach with attorney general offices in several states after the school confirmed that an unauthorized party was able to access and remove files from its IT network that contained confidential student information. Based on the school’s official filing, the incident resulted in an unauthorized party gaining access to students’ names, Social Security numbers, driver’s license

On December 5, 2022, Macmillan filed notice of a data breach with the Attorney General of Texas after the company experienced what appears to have been a successful ransomware attack. Based on the company’s official filing, the incident resulted in an unauthorized party gaining access to consumers’ names, addresses, Social Security numbers, driver’s license numbers and financial account information. After confirming that consumer data was leaked,

On December 5, 2022, Snap Finance, LLC and Snap RTO, LLC filed notice of a data breach with the Attorney General of Texas after learning that an unauthorized party hacked the company’s computer network, gaining access to sensitive consumer information. Based on the company’s official filing, the incident resulted in an unauthorized party gaining access to consumers’ names, addresses, Social Security numbers, government-issued identification numbers and

On November 11, 2022, Stanley Street Treatment and Resources, Inc. (“SSTAR”) filed notice of a data breach with the U.S. Department of Health and Human Services Office for Civil Rights after the company learned that an unauthorized party accessed and removed files containing confidential patient information from its computer network. Based on the company’s official filing, the incident resulted in an unauthorized party gaining access to consumers’

On November 23, 2022, Dallam Hartley Counties Hospital District filed notice of a data breach with the U.S. Department of Health and Human Services Office for Civil Rights after the company detected a data security threat that compromised patients’ sensitive information. Based on the company’s official filing, the incident resulted in an unauthorized party gaining access to patients’ names, Social Security numbers, health insurance information, demographic

On November 22, 2022, Mena Regional Health System filed notice of a data breach with the U.S. Department of Health and Human Services Office for Civil Rights after learning that an unauthorized party accessed its computer system and removed a limited number of files containing sensitive patient information. Based on the company’s official filing, the incident resulted in an unauthorized party gaining access to consumers’ full names,

On November 23, 2022, Ingalls & Snyder, LLC filed notice of a data breach with the Attorney General of Vermont after the company learned that an unauthorized party gained access to sensitive consumer information in its possession. Based on the company’s official filing, the incident resulted in an unauthorized party gaining access to consumers’ first and last names, Social Security numbers, Ingalls & Snyder account numbers,

On November 23, 2022, Columbia Grain International, LLC filed notice of a data breach with the Attorney General of Montana after learning that an unauthorized party was able to access sensitive information stored on the company’s computer network. Based on the company’s official filing, the incident resulted in an unauthorized party gaining access to consumers’ first and last names as well as other sensitive information. While the

On November 18, 2022, Community Health Network (“Community”) filed notice of a data breach with the U.S. Department of Health and Human Services Office for Civil Rights (“HHS-OCR”) after learning that the organization’s use of third-party tracking technologies disclosed sensitive patient data to unauthorized parties. Based on the company’s filing with the HHS-OCR, the incident resulted in an unauthorized party gaining access to patients’ protected health information.

On November 21, 2022, Hope Health Systems, Inc. (“HHS”) filed notice of a data breach with the U.S. Department of Health and Human Services Office for Civil Rights experiencing what appears to have been a ransomware attack compromising sensitive patient data stored on the company’s computer network. Based on the company’s official filing, the incident resulted in an unauthorized party gaining access to patients’ names, addresses, dates

On November 14, 2022, Health Care Management Solutions, LLC (“HMS”) filed notice of a data breach with the U.S. Department of Health and Human Services Office for Civil Rights (“HHS-OCR”) after the company learned that an unauthorized party was able to access sensitive patient information stored on its computer network. While the HHS-OCR Data Breach Portal does not provide the specific type of data that was compromised,

On November 18, 2022, Wright & Filippis filed notice of a data breach with the U.S. Department of Health and Human Services Office for Civil Rights as well as the California Attorney General following a ransomware attack targeting the company’s computer network. Based on the company’s official filing, the incident resulted in an unauthorized party gaining access to consumers’ names, dates of birth, patient numbers, Social Security

On November 8, 2022, Mercyhurst University filed notice of a data breach with the Attorney General of Maine after the school discovered that an unauthorized party was able to access sensitive student information stored on its computer system. Based on the university’s official filing, the incident resulted in an unauthorized party gaining access to students’ names and Social Security numbers. After confirming that consumer data was