On September 20, 2024, the Lassen Clinics learned there was an active cyber event on its IT network involving an unknown individual. The Lassen Clinics’ IT network was temporarily disabled and rendered inaccessible before the Lassen Clinics were able to restore it the next day. Upon learning of the security incident, the Lassen Clinics immediately took steps to secure its network and began an investigation with the assistance of an external forensics vendor.
The investigation determined that an unauthorized third party gained access to the Lassen Clinics network between September 17, 2024, to September 20, 2024. On December 3, 2024, the Lassen Clinics learned that the unauthorized third party obtained copies of some of the data from its systems containing confidential patient medical information, however, the unauthorized third party did not acquire any data directly from the Lassen Clinics’ Electronic Medical Record (EMR).
Some information in the Lassen Clinics' records may have been accessed or acquired by an unauthorized third party. The information in the files may have included name, address, date of birth, driver's license number, financial account information, as well as medical and health insurance information. A small number of individuals may also have had a Social Security Number involved.
Upon learning of the event, the Lassen Clinics took quick action to protect its systems, contain the incident, open an investigation, and maintain continuity of healthcare. Once secured, systems were returned to the network with additional security and monitoring tools.
Grounding Healthcare Spaces in Hospitality Principles
UC Davis Health Selects Rudolph and Sletten for Central Utility Plant Expansion
Cape Cod Healthcare Opens Upper 2 Floors of Edwin Barbey Patient Care Pavilion
Building Sustainable Healthcare for an Aging Population
Froedtert ThedaCare Announces Opening of ThedaCare Medical Center-Oshkosh