"Gryphon Healthcare, Tri-City Medical Center Disclose Significant Data Breaches"
Gryphon Healthcare and Tri-City Medical Center recently disclosed separate data breaches in which the personal information of more than 500,000 individuals was stolen. The Houston, Texas-based billing services provider Gryphon is notifying 393,358 individuals of an incident discovered on August 13, 2024, which involved an unnamed partner "that Gryphon provides medical billing services for." The company noted that a threat actor accessed files containing information about patients "for whom Gryphon provides medical billing services." According to Gryphon, names, addresses, dates of birth, Social Security numbers, dates of service, diagnosis and health insurance information, treatment and prescription information, provider details, and medical record numbers were compromised in the incident. Tri-City, an Oceanside, California-based full-service, acute-care public hospital, informed the Maine AGO that 108,149 people were impacted by a year-old data breach. According to the healthcare provider, a November 2023 cyberattack that disrupted certain systems led to data exposure, and the investigation into the matter determined in late September 2024 that personal information such as names and other identifiers was compromised during the attack.