November 28, 2018
Atrium Health has revealed a data breach of 2.65 million patients which exposed confidential information such as names, home addresses, dates of birth, insurance policy information, service dates, medical record numbers, and account balances. According to a ZD Net article:
“One record accessed is one too many,” Atrium Health told us in relation to the breach, which was caused by the organization’s billing vendor, a third-party known as AccuDoc Solutions.
Between September 22 and September 29, an unauthorized threat actor was able to gain access to databases containing the records, which included names, home addresses, dates of birth, insurance policy information, service dates, medical record numbers, and account balances. In addition, roughly 700,000 Social Security numbers were exposed. Financial information such as credit card numbers is not thought to be at risk.
The records were held in relation to payments made at an Atrium Health location, alongside Atrium Health-managed locations including Blue Ridge HealthCare System, Columbus Regional Health Network, NHRMC Physician Group, Scotland Physicians Network, and St. Luke’s Physician Network.”
A company bio from the Atrium website:
Atrium Health (formerly Carolinas HealthCare System) is one of the nation’s leading healthcare organizations, connecting patients with on-demand care, world-class specialists and the region’s largest primary care network. A recognized leader in healthcare delivery, quality and innovation, our foundation rests on providing clinically excellent and compassionate care. We’ve been serving our community since 1940, when we opened our doors as Charlotte Memorial Hospital. Since then, our network has grown to include more than 40 hospitals and 900 care locations ranging from doctors’ offices to behavioral health centers to nursing homes. Our focus: delivering the highest quality patient care, supporting medical research and education, and joining with partners outside our walls to keep our community healthy.