Four things to know:
1. One of the company’s partners notified Gryphon of a cybersecurity incident on Aug. 13, indicating an unauthorized person gained access to protected health information maintained by Gryphon, according to an Oct. 11 notification.
2. Gryphon conducted a comprehensive review of the incident to confirm which individuals were affected by the incident. The investigation concluded Sept. 3 and the company mained a letter to patients Oct. 11.
3. Patient names, addresses, Social Security numbers, diagnoses, prescription information and medical record numbers may have been breached. However, the company hasn’t seen evidence of information misuse.
4. There were 393,358 patients potentially affected by the breach, according to a report filed with the Maine Attorney General office.
