According to the report, two employee emails were targeted during an email phishing cyberattack discovered April 6.
After confirming the data was compromised, the ASC secured computer systems, reset passwords and conducted an investigation with a third party. The investigation showed that the unauthorized party had access to the emails from February 14 to May 10, a month after the breach was discovered. The source of the breach was not identified until September.
Patient names, Social Security numbers, driver’s license numbers, health benefit enrollment information, health insurance information, medical history, patient account numbers and dates of service were compromised. The ASC notified patients of the breach Oct. 31.
At the Becker's 23rd Annual Spine, Orthopedic and Pain Management-Driven ASC + The Future of Spine Conference, taking place June 11-13 in Chicago, spine surgeons, orthopedic leaders and ASC executives will come together to explore minimally invasive techniques, ASC growth strategies and innovations shaping the future of outpatient spine care. Apply for complimentary registration now.
