Cyber Incident Victim: Healthback Holdings
Date: Oct 2021
Location: United States of America
Summary
Healthback Holdings experienced unauthorized access to employee email accounts, potentially exposing personal and health information of over 21,000 individuals, including names, health insurance details, clinical data, and Social Security numbers. The company reinforced email security measures and provided enhanced employee training on phishing detection following the breach, while advising impacted parties to review healthcare statements for discrepancies.
Description
Healthback Holdings, an Oklahoma-based home health company, experienced a breach involving unauthorized access to its employee email environment. The incident spanned from October 5, 2021, to May 15, 2022, with the organization discovering suspicious activity on June 1, 2022. Forensic investigation confirmed that an external party compromised a limited number of employee email accounts during this nearly seven-month period. While analysts could not verify whether the intruder viewed specific messages, they established that the accessed accounts contained sensitive patient information including full names, health insurance details, clinical treatment data, and Social Security numbers. The breach ultimately affected 21,114 individuals whose data resided in these email accounts. Healthback completed its review of the incident and began notifying impacted parties approximately two months after detection.

The company mailed formal breach notification letters to all affected individuals on July 29, 2022, advising them to carefully review healthcare statements for discrepancies. Healthback's public statement emphasized its commitment to patient privacy while acknowledging the security failure. In response to the breach, the organization implemented strengthened email security protocols across its systems, though specific technical controls were not disclosed. Additionally, Healthback conducted supplemental employee training programs focused on identifying and resisting phishing attempts that could compromise email credentials. No evidence suggested misuse of the exposed data at the time of notification, but the incident exposed multiple categories of sensitive health and personally identifiable information over an extended period.
