The eight-center imaging and oncology medical group discovered a computer virus in February that left physicians unable to access files. It is unclear if the virus was a form of malware.
Upon investigation, Centrelake Medical Group learned an unauthorized third-party gained access to its computer servers on Jan. 9, the HIPAA Journal reports. While the virus was not deployed until Feb. 19, the unauthorized individual was able to access the computers undetected.
The servers that were accessed contained software applications and files that may have stored patients’ names, phone numbers, addresses, Social Security numbers, health insurance information, diagnoses, services performed, dates of service, medical record numbers, referring provider information and driver’s license numbers.
Centrelake Medical Group notified patients that although there has been no indication of data misuse, patients should still monitor their financial accounts.
More articles on cybersecurity:
Washington State University settles $5.26M data breach class-action suit
HHS continues to deploy strong cybersecurity solutions, report finds
Rehab center data breach exposes millions of patient records