CaptureRx, a San Antonio-based health IT company, helps hospitals manage their 340B drug programs, reported unusual activity in some of its files in February. Compromised files contained patient records with protected health information, including names, birthdates and prescription details. CaptureRx notified hospitals of the attack in April.
CaptureRX reported that there are 1,656,569 known victims affected by the breach.
A list of hospitals and healthcare providers that have reported breaches stemming from the incident and the number of patients affected:
Faxton St. Luke’s Healthcare, an affiliate of Mohawk Valley Health System (Utica, N.Y.): 17,000+
Trinity Twin City Hospital (Dennison, Ohio): 9,500+
Hudson Headwaters Health Network (Queensbury, N.Y.): 8,100
UPMC Cole (Coudersport, Pa.) and UPMC Wellsboro (Pa.): 7,400
Gifford Health Care (Randolph, Vt.): 6,777
Ascension St. Joseph Hospital (Tawas City, Mich.): 5,807
Brownsville Community Health Center, an affiliate of New Horizon Medical Center: 4,258
Ascension Standish (Mich.) Hospital: 1,705
Adirondack Health (Saranac Lake, N.Y.): 800+
Kaleida Health (Buffalo, N.Y.): 600
Lourdes Hospital (Binghamton, N.Y.): unknown
Penobscot Community Health Care (Bangor, Maine): unknown
Bayhealth (Dover, Del.): unknown
Walmart: unknown
At the Becker's 11th Annual IT + Revenue Cycle Conference: The Future of AI & Digital Health, taking place September 14–17 in Chicago, healthcare executives and digital leaders from across the country will come together to explore how AI, interoperability, cybersecurity, and revenue cycle innovation are transforming care delivery, strengthening financial performance, and driving the next era of digital health. Apply for complimentary registration now.
