On November 9, 2022, GATE Petroleum Company filed notice of a data breach with the Maine Attorney General’s Office after the company learned that sensitive consumer information contained on its computer network was accessed by an unauthorized party—likely as a result of a cyberattack. Based on the company’s official filing, the incident resulted in an unauthorized party gaining access to consumers’ names and Social Security numbers.

On November 9, 2022, Doctors’ Center Hospital filed notice of a data breach with the U.S. Department of Health and Human Services, Office for Civil Rights, after an unauthorized party was able to access sensitive patient information that had been entrusted to the company. While Doctors’ Center Hospital has yet to post notice of the breach on its website explaining the incident, based on the company’s filing

On November 23, 2022, HomeTrust Mortgage, which does business under the name Home Mortgage of America, filed notice of a data breach with the Montana Attorney General after a ransomware attack compromised sensitive consumer information stored on the company’s computer system. Based on the company’s official filing, the incident resulted in an unauthorized party gaining access to consumers’ names, addresses and Social Security numbers. After confirming

On November 18, 2022, Gateway Rehabilitation Center filed notice of a data breach with the U.S. Department of Health and Human Services, Office for Civil Rights, as well as the Montana Attorney General’s Office, after the company learned it was the target of a recent cyberattack. Based on the company’s official filing, the incident resulted in an unauthorized party gaining access to consumers’ names, dates of birth,

On November 21, 2022, Receivables Performance Management LLC (“RPM”) filed notice of a data breach with the Attorney General of Maine after the company experienced a ransomware attack compromising sensitive consumer data in its possession. Based on the company’s official filing, the incident resulted in an unauthorized party gaining access to consumers’ personal information, including their names and Social Security numbers. After confirming that consumer data

On November 8, 2022, Eagle Bank, Inc. (“Eagle Bank”) filed notice of a data breach with the Attorney General of Massachusetts after sensitive information placed in the company’s care was subject to access by an unauthorized party. Based on the company’s official filing, the incident resulted in an unauthorized party gaining access to consumers’ names, Social Security numbers, financial account numbers and driver’s license numbers. After

On November 8, 2022, Simmons Bank filed notice of a data breach with the Attorney General of California after the company learned that one of its vendors, Mayer Brown, experienced a data breach related to one of its vendors, AMS Collaborator. Based on the company’s official filing, the incident resulted in an unauthorized party gaining access to consumers’ names, addresses, Social Security numbers, and driver’s license

On November 15, 2022, Commonwealth Care Alliance of California (“CCA Health California”) filed notice of a data breach with the Attorney General of California after the company learned that an unauthorized party had gained access to sensitive consumer data stored on its computer system. Based on the company’s official filing, the incident resulted in an unauthorized party gaining access to consumers’ names, Social Security numbers, dates

On November 17, 2022, The Rosewood Corporation filed notice of a data breach with the Texas Attorney General after an unauthorized party gained access to sensitive information that had been entrusted to the company. Based on the company’s official filing, the incident resulted in an unauthorized party gaining access to consumers’ names, addresses, Social Security numbers, driver’s license numbers, government identification numbers, and health insurance information.

On November 16, 2022, AAA Collections, Inc. filed documents with the Attorney General of Montana reporting a data breach that compromised the sensitive consumer data contained on the company’s computer system. However, the company has yet to publicly disclose the type of information that was accessible to the unauthorized party as a result of the breach. That said, based on state data breach reporting requirements, it is

Recently, Lake Charles Memorial Health System (“LCMH”) appears to have been the target of a Hive ransomware attack, although the organization has yet to post notice of the breach or provide any formal notice of the incident. However, a prominent data breach news source confirmed the attack after the ransomware group shared email communications between the group and LCMH. While the investigation into the Lake Charles Memorial

On November 16, 2022, Innovative Service Technology Management Services, Inc. (“IST Management”) filed notice of a data breach with the Attorney General of Montana after hackers carried out what appears to have been a successful ransomware attack. Based on the company’s official filing, the incident resulted in an unauthorized party gaining access to consumers’ names, birth dates, Social Security numbers, driver’s license numbers, passport numbers, financial

On November 14, 2022, Middletown Valley Bank (“MVB”) filed notice of a data breach with the Attorney General of Montana after the company determined that an unauthorized party was able to access sensitive information belonging to certain bank customers. Based on the company’s official filing, the incident resulted in an unauthorized party gaining access to consumers’ names, financial account numbers, Social Security numbers, driver’s license numbers, passport

On November 14, 2022, Connexin Software, Inc., which operated under the name Office Practicum, filed notice of a data breach with the Montana Attorney General after the company experienced a data security incident that compromised patient data stored on the company’s computer network. Based on the company’s official filing, the incident resulted in an unauthorized party gaining access to consumers’ names, Social Security numbers, addresses, dates

On October 31, 2022, Gateway Ambulatory Surgery Center filed notice of a data breach with the U.S. Department of Health and Human Services Office for Civil Rights after an unauthorized person used an email phishing attack to gain access to the company’s computer network. Based on the company’s official filing, the incident resulted in an unauthorized party gaining access to patients’ names, Social Security numbers, driver’s