Lehigh Valley Health Network hit by a cybersecurity attack

Lehigh Valley Health Network hit by a cybersecurity attack

Recently, the Lehigh Valley Health Network (LVHN) was hit by a cybersecurity attack that targeted the Delta Medix group, a provider that LVHN has been working with since 2019. The attack occurred on January 11, 2022, and was discovered by LVHN on January 13, 2022.

The LVHN is a healthcare provider that offers a wide range of services to patients in the Lehigh Valley area of Pennsylvania. It is one of the largest healthcare providers in the state and is renowned for its excellent patient care. Delta Medix is a multi-specialty medical group that offers services in various fields, including oncology, neurology, and urology.

The cybersecurity attack on Delta Medix group resulted in the unauthorized access and theft of patient information, including names, addresses, dates of birth, and clinical information. The LVHN has confirmed that no financial information, such as credit card numbers or bank account information, was compromised in the attack.

Following the attack, LVHN immediately launched an investigation and reported the incident to law enforcement agencies, as well as the Department of Health and Human Services’ Office for Civil Rights. The investigation is ongoing, and LVHN is working closely with Delta Medix to identify and notify the affected patients.

LVHN has assured patients that it is taking all necessary steps to protect their personal information and prevent a similar attack from happening again in the future. The organization has also implemented additional security measures and conducted a thorough review of its existing cybersecurity protocols.

This cybersecurity attack serves as a reminder of the importance of maintaining robust cybersecurity measures, especially in the healthcare industry. The healthcare sector is a prime target for cybercriminals due to the sensitive nature of the data it handles, including patients’ medical records, personal information, and other confidential data.

Therefore, it is essential that healthcare organizations invest in cybersecurity measures and make them a priority. These measures can include regular security assessments, staff training, implementing access controls and password management policies, and deploying advanced threat detection and prevention tools.

In conclusion, the cybersecurity attack on the LVHN serves as a cautionary tale for healthcare organizations that must take a proactive approach to their cybersecurity efforts. As the healthcare industry continues to rely on technology to manage patient data, it is essential to remain vigilant against the ever-present threat of cyber attacks. Healthcare organizations must remain prepared to respond to incidents quickly and effectively to minimize the impact on patients and protect their sensitive data.

If you have any questions or are concerned about your organization's cybersecurity, call us at (949) 474-7774. We'll be happy to help.

For more HIPAA information, download our ebook - The Ultimate HIPAA Compliance Handbook.

The HIPAA Security Rule requires implementing a security awareness and training program for all members of its workforce (including management). Have your team sign up for weekly HIPAA Security Reminder to help stay compliant.

HIPAA Security Reminders


HIPAA Security Suite has developed a weekly HIPAA Security Reminder series that’s FREE for all of us who are responsible for, or engaged in, the use and protection of PHI.

Pursuant to Section 164.308(a)(5) of the HIPAA Security Rule, the Standard states: Implement a security awareness and training program for all members of its workforce (including management).

This standard is part of our Best Practices Recommendations for HIPAA Security Suite users, but it’s available for FREE to anyone who wants to comply with HIPAA using the easiest, best tools available.

Sign Up

Scroll to Top