Three health systems have apparently been ensnared in a 2024 hack of EHR vendor Veradigm, formerly known as Allscripts, DataBreaches.net reported.
In the December data breach, a cybercriminal used a credential obtained from a Veradigm customer to enter a Veradigm storage account, accessing tens of thousands of patients’ medical and personally identifiable information.
A ransomware group posted data to the dark web involving a hack of Mission, Kansas-based Sunflower Medical Group, that occurred on or around the same date — Dec. 15, 2024 — as the Veradigm breach, according to DataBreaches.net.
The list contained several Veradigm health system clients, including Omaha, Neb.-based CHI Health (part of Chicago-based CommonSpirit Health), Des Moines, Iowa-based MercyOne, and Atlanta-based Piedmont Physicians Group Peachtree Neurology (an affiliate of Atlanta-based Piedmont Healthcare), per the Nov. 1 article.
Piedmont confirmed in an online notice that Peachtree Neurological Clinic, which employed Veradigm until joining the health system in 2021, was part of the breach.
Becker’s reached out to Veradigm, Sunflower Medical Group, CHI Health and MercyOne for comment.
