The data breach occurred between Jan. 20 and Jan. 27. On Jan. 27, Lake Success, N.Y.-based Personal Touch became aware of the cyberattack on the private cloud hosted by its service providers, a news release said.
Personal Touch said it cannot confirm the extent to which employee and patient data was compromised.
Compromised information may include Social Security numbers, financial information, medical records and more of patients, employees and dependents.
The data breach affected 29 direct and indirect subsidiaries of Personal Touch across the U.S.
In response to the data breach, Personal Touch is retaining third-party forensic technical experts to investigate the origins and scope of the breach. It also notified the FBI and all other regulators required by law.
More articles on cybersecurity:
BioTel Heart vendor breach left patients’ information public for nearly a year
Cybercriminals accessed Maryland orthopedic center’s emails for a year, affecting 125,000
Hackers claim they stole Stanford Medicine data, posted info online: 4 things to know
