Data breach at chain of clinics impacts 450K patients
The largest physician-led vein center in the U.S. announced it has suffered a data breach, which resulted in hackers stealing personal data on 446,094 patients.
The Center for Vein Restoration (CVR) announced the breach last week, though the incident was first noticed on Oct. 6. In a statement, the nationwide medical chain said both medical information and personal details on patients were taken in the attack.
Data taken includes names, addresses, dates of birth, Social Security numbers, driver’s license numbers, medical record numbers, diagnoses, lab results, medications, treatment information, health insurance details, provider names, dates of treatment, and financial information.
Patients from all over the U.S. have been affected. Aditionally, current and former employees also had their data leaked to hackers, CVR added.
CVR confirmed the unauthorized third party had access to its files but stopped short of saying they were moved off site. To date, there are no reports of the data trove being posted for sale on the dark web.
However, the notice from CVR does not provide many details. Details on the nature of the attack, scope of the breach, and how cybercriminals gained access to protected systems are still unknown.
HealthExec has reached out for comment.
CVR is asking affected patients, all of whom it said have now been notified, to monitor their financial statements and medical bills to ensure accuracy. They have offered the legally required identity theft protection services as recompense for the breach.
Internally, CVR said it hired a cyber forensics firm to investigate the breach. Additionally, it claims to have “implemented, and will continue to adopt, additional safeguards and technical security measures to further protect and monitor our systems.”
CVR operates 110 clinics in 21 states and Washington D.C.
Chad is an award-winning writer and editor with over 15 years of experience working in media. He has a decade-long professional background in healthcare, working as a writer and in public relations.