Over 90 Total Lots Up For Auction at One Location - WA 04/08

Law firm cyberattack puts data of 36,000 UPMC patients at risk for exposure

by John R. Fischer, Senior Reporter | February 12, 2021
Cyber Security Health IT
A hacker may have gained access to the personal health information of over 36,000 patients at UPMC
A cyberattack on a Pennsylvania law firm has left the personal health information of over 36,000 patients potentially exposed.

Charles J. Hilton & Associates P.C. (CJH) revealed this week that several of its employee email accounts were hacked between April and June 2020, and that the accounts contained personal details related to the healthcare of patients at the University of Pittsburgh Medical Center, which receives legal services from CJH, according to Infosecurity Magazine.

"After a lengthy investigation by computer forensics specialists, CJH confirmed to UPMC in December that some of UPMC’s patient information may have been accessed in this breach," said UPMC in an online notice it posted this month.
stats
DOTmed text ad

Reveal Mobi Pro now available for sale in the US

Reveal Mobi Pro integrates the Reveal 35C detector with SpectralDR technology into a modern mobile X-ray solution. Mobi Pro allows for simultaneous acquisition of conventional & dual-energy images with a single exposure. Contact us for a demo at no cost.

stats
Upon noticing suspicious activity in its employee email system in June, CJH launched an investigation that confirmed a hacking took place and that the perpetrators may have gained access to patient data used by the firm to provide its contracted billing-related legal services to UPMC.

Potential information compromised includes names, dates of birth, social security numbers, bank or financial account numbers, driver’s license numbers, state identification card numbers, electronic signatures, medical record numbers, patient account numbers, patient control numbers, visit numbers, and trip numbers. In addition, the hackers were able to access Medicare or Medicaid identification numbers, individual health insurance or subscriber numbers, group health insurance or subscriber numbers, medical benefits and entitlement information, disability access and accommodation, and information related to occupational health, diagnosis, symptoms, treatment, prescriptions or medications, drug tests, billing or claims, and/or disability.

"While there is no evidence that this data was misused, CJH and UPMC are alerting affected patients through personal letters and public notification,” said UPMC.

CJH is currently writing to all patients whose information may have been compromised and is offering complimentary credit monitoring and identity-theft protection services to them. It also has set up a hotline for people to call with their concerns.

Both UPMC and CHJ encourage those who have been potentially affected to review account statements, credit reports, and explanation of benefits forms, and immediately report any suspicious activity found to their insurance company, healthcare provider or financial institution.

Back to HCB News

You Must Be Logged In To Post A Comment