Prime’s revenue cycle management vendor, CBIZ KA, was breached after using the MOVEit software, the health system said Dec. 4. The MOVEit vulnerability, which has since been patched, exposed the private information of millions of people across the globe.
Prime said the breached patient data may include dates of birth, addresses, Social Security numbers, and admission and discharge dates.
Nine of the health system’s 45 hospitals were affected, a Prime spokesperson told databreaches.net:
1. Garden City (Mich.) Hospital
2. Lake Huron Medical Center (Port Huron, Mich.)
3. Landmark Medical Center (Woonsocket, R.I.)
4. Lower Bucks Hospital (Bristol, Pa.)
5. Roxborough Memorial Hospital (Philadelphia)
6. Saint Clare’s Hospital (Denville, N.J.)
7. Saint Michael’s Medical Center (Newark, N.J.)
8. St. Mary’s General Hospital (Passaic, N.J.)
9. Suburban Community Hospital (Norristown, Pa.)
At the Becker's 11th Annual IT + Revenue Cycle Conference: The Future of AI & Digital Health, taking place September 14–17 in Chicago, healthcare executives and digital leaders from across the country will come together to explore how AI, interoperability, cybersecurity, and revenue cycle innovation are transforming care delivery, strengthening financial performance, and driving the next era of digital health. Apply for complimentary registration now.
