A ransomware attack on Colorado debt-collections agency Professional Finance Company targeted the information of 1.9 million patients across 657 healthcare providers. The attack is one of the largest US medical information breaches this year.
“An unauthorized third party” could have accessed sensitive information such as names, addresses, payments made to accounts, date of birth, Social Security number, health insurance and medical treatment information PFC’s systems, the company said in its ransomware notice. It “found no evidence that personal information [had] been specifically misused.”
The news comes as increased cyber attacks and data breaches affect users all over the world.
PFC disclosed the security breach only recently, with the attack occurring in February and PFC notifying impacted providers in May. It’s taken measures since the attack to address affected systems through bolstered network security and policy revisions to the storage of information, the notice states.
Since the incident, its “network environment has been under 24/7 monitoring by cybersecurity experts to mitigate the chance of a future incident,” PFC General Counsel Nicholas Prola told CNET.
