Personal Touch Holding Corp., the parent company of Personal Touch Home Care centers across the U.S., recently began notifying 753,107 patients and employees of a ransomware attack on its cloud-stored business records.
The data breach occurred between Jan. 20 and Jan. 27. On Jan. 27, Lake Success, N.Y.-based Personal Touch became aware of the cyberattack on the private cloud hosted by its service providers, a news release said.
Personal Touch said it cannot confirm the extent to which employee and patient data was compromised.
Compromised information may include Social Security numbers, financial information, medical records and more of patients, employees and dependents.
The data breach affected 29 direct and indirect subsidiaries of Personal Touch across the U.S.
In response to the data breach, Personal Touch is retaining third-party forensic technical experts to investigate the origins and scope of the breach. It also notified the FBI and all other regulators required by law.