Regional One Health reports third party data breach
Learn More
Regional One Health (ROH) is reporting a data breach that impacts patients from the University of Tennessee Health Science Center (UTHSC) who received medical services at ROH.
The breach is caused by a hosting system of KMJ Health Solutions, Inc - a company that ROH enlisted to support OB/GYN residents and patients.
The security lapse was first identified by KMJ following a network server outage reported on November 29, 2023. Subsequent investigations revealed that the server outage was due to a ransomware attack discovered by KMJ's host provider, LiquidWeb, on January 18, 2024. The compromised server contained patient information related to OB/GYN services provided between November 2014 and November 2023
Information potentially exposed in this breach includes:
- patients' first and last names,
- medical record numbers,
- ages,
- dates of admission,
- allergies,
- services rendered,
- resident assignments,
- parity,
- diagnoses,
- prenatal providers,
- laboratory results,
- medications,
- fetal or delivery details,
- contraception,
- infant feeding types,
- follow-up care information.
Per the report dates of birth, addresses, social security numbers, credit card details, bank account information, or other financial data was not affected.
No details are disclosed about the number of affected individuals.
ROH advises that the risk of identity theft or credit harm to affected patients is minimal. However, patients are encouraged to remain vigilant for unsolicited communications seeking personal information or offering services.
