76,000 Individuals Affected by Richland County, WI October 2023 Cyberattack

September 22, 2024HIPAA News0

Richland County, Wisconsin is informing 76,365 people about a data breach involving their protected health information (PHI) in a cyberattack. The breach occurred as a result of an attack detected around early October 2023. Upon discovering unauthorized access to its network on October 4, 2023, Richland County immediately secured its systems to stop access by unauthorized individuals and launched an investigation to assess the nature and extent of the breach.

The investigation by forensic experts revealed that unauthorized access to the county’s internal systems began on September 28, 2023, and continued until October 26, 2023. During this period, files containing sensitive information were potentially accessed or obtained by an unauthorized person. The breach notice posted on the website indicated that unauthorized access persisted for 22 days even after the initial detection of the breach.

It took about 10 months to complete a thorough review of the affected files. By August 1, 2024, Richland County confirmed that the compromised data included personal data and PHI. The types of data exposed varied for each person and may have included names along with one or more of the following data: addresses, telephone and fax numbers, email address, Social Security numbers, driver’s license or passport numbers, tax ID numbers, government ID numbers, date of death, date of birth, financial account details, routing number, financial account PIN/Security Code, payment card number, card expiration date/Security code/CVV, username and password, medical data, health insurance data, prescription details, biometric data, license plate number, and/or VIN number.

Although there is no concrete evidence that the stolen data has been used for identity theft or financial fraud, HIPAA requires that affected individuals be informed about the incident and provided with guidance on how to protect themselves from potential misuse of their data. However, Richland County has not offered free credit monitoring or identity theft protection services to those impacted by the breach.

About Thomas Brown
Thomas Brown worked as a reporter for several years on ComplianceHome. Thomas is a seasoned journalist with several years experience in the healthcare sector and has contributed to healthcare and information technology news publishers. Thomas has a particular interest in the application of healthcare information technology to better serve the interest of patients, including areas such as data protection and innovations such as telehealth. Follow Thomas on X https://x.com/Thomas7Brown

ComplianceHome is a registered trademark. Copyright © 2024 ComplianceHome. All rights reserved.