An urgent warning has been issued to more than one million Americans after their medical records were stolen in a data breach.
Community Health Center (CHC), based in Connecticut, has begun emailing 1,060,936 patients to notify them that it ‘found that a skilled criminal hacker got into our system and took some data, which might include your personal information.’
The data may included the patient’s name, date of birth, address, phone number, email, diagnoses, treatment details, test results, Social Security number, and health insurance information.
The breach, which occurred on October 14, 2024, impacted current and former patients, ‘and all individuals who received a COVID test or vaccine at a CHC clinic.’
CHC determined the hacker infiltrated ‘its inadequately secured computer environment,’ gaining access to its data files.
The company said it ‘added special software to watch for suspicious activity.’
The law firm investigating claims on behalf of patients said: ‘These individuals’ personal and highly sensitive information may be in the hands of cybercriminals who can place the information for sale on the dark web or use the information to perpetrate identity theft.’
Murphy Law Firm is currently investigating the breach to determine if a class action lawsuit can be filed against CHC.
Community Health Center (CHC), based in Connecticut , has begun emailing 1,060,936 patients to notify them that it ‘found that a skilled criminal hacker got into our system and took some data, which might include your personal information’
CHC noted that patients who received a COVID test or vaccine at one of its clinics likely had their name, date of birth, phone number, email, address, gender, race, ethnicity and insurance information stolen.
The data breach was discovered when CHC noticed ‘unusual activity’ in its computer system last month.
‘That same day, we brought in experts to investigate and reinforce the security of our systems,’ the company email to patients reads.
‘The criminal hacker did not delete or lock any of our data, and the criminal’s activity did not affect our daily operations.
‘We believe we stopped the criminal hacker’s access within hours, and that there is no current threat to our systems.
‘So far, there is no sign that your information has been misused.’
DailyMail.com has reached out to CHC for comment.
The company has provided patients with free access to IDX, a company that monitors credit and helps protect data.
The data breach was discovered when CHC noticed ‘unusual activity’ in its computer system last month
‘If you need help, IDX will work with you to fix any issues with your identity,’ stated CHC.
The HIPPA journal found there were an average of 16,395,000 records breached each month in 2024.
‘The healthcare industry has some of the worst cybersecurity practices in the nation,’ Senator Mark Warner said, ‘despite its critical importance to Americans’ well-being and privacy.’
The HIPPA report, however, noted that the number for 2024 was ‘skewed by the massive data breach at Change Healthcare which affected an estimated 100 million individuals.’
Change Healthcare, owned by UnitedHealth Group, fell victim to a cyberattack in February, but revealed the full scale of the attack in October.
It first reported in July that only 500 patients’ records had been compromised, but later found the number to be at least 100 million.
The BlackCat/ALPHV ransomware group was behind the attack, hoping to make a million-dollar payout.
Change Healthcare was said to have paid a $22 million ransom, but the attackers claimed they were not paid and provided the stolen data to another group that then attempted a second extorsion of the company.
‘Not only was this the largest healthcare data breach of all time it also caused more disruption than any other healthcare cyberattack due to the number of healthcare organizations that relied on Change Healthcare’s systems and the prolonged outage,’ the HIPPA journal report stated.
‘The attack prevented patients from obtaining medications unless they were able to pay for them out of their own pockets, and the outage caused severe disruption to healthcare providers’ revenue cycles, pushing many small practices to the brink of closure.’
