Hi-School Pharmacy Breach

Hi-School Pharmacy (HSP) provides local services in and around Washington state. They are partnered with Ace Hardware and offer various options for locals in the area; HSP’s primary concerns are health and printing-based. However, following a recent data incident, residents may think twice before stopping for the newest vaccine.

What Was the Breach?

• Full Name
• Phone Numbers
• Residential Addresses
• Dates of Birth
• Social Security Numbers
• Provider Information
• Treatment and Prescription Information

How Did the Breach Occur?

HSP’s cybersecurity event involved a service disruption caused by an unauthorized actor within their computer network environment. The attack is similar to the HCA Healthcare data breaches earlier this year. After the disruption, officials immediately referred to cyber experts and authorities for continuity steps.

When Did This Breach Occur?

The cyber incident was very recent; according to the breach filing published on the Maine Attorney General’s website, the disturbance occurred from November 2nd to the following day. On November 4th, officials regained network control and discovered the breach. Officials immediately drafted patient notifications and sent them on December 5th.

Who Does the Breach Impact?

The HSP Incident Notice—published on their website—states that former and current patients may face consequences for this breach. The breach is unlikely to impact associated consumer accounts, although caution is needed wherever possible.

How Many Files Does the Breach Affect?

The Maine breach filing suggests the event exposed 17,676 patient records; however, because the breach happened merely a month ago, the impact figure may increase as investigations continue. At this time, patients and associates of HSP should consider preventative and defensive options for their data.