A major data breach has been reported by Greeley, CO-based customer account management company Professional Finance Company Inc. (PFC) that has reportedly affected 657 of its healthcare provider customers.
According to PFC’s website, the company is one of the nation’s leading debt collection agencies and its client list includes many healthcare providers, retailers, financial organizations and government agencies. According to the company’s replacement breach notice, a sophisticated ransomware attack was detected and blocked on February 26, 2022; however, not in time to prevent some of its computer systems from being disabled.
Third-party forensics specialists have been engaged to investigate the breach and provide assistance in securing its environment. This investigation confirmed that an unauthorized third party had gained access to systems containing patient information of its healthcare provider customers, and that files containing patient data had been accessed. PFC said it sent notification letters to all customers of affected healthcare providers on May 5, 2022 and has since sent notification letters to all affected individuals.
The investigation found no evidence of misuse of patient data, but data theft and misuse could not be ruled out. Types of information potentially accessible in the attack included names, addresses, accounts receivable balances, information regarding payments made to accounts and, for some individuals, dates of birth, social security numbers. , health insurance information and medical treatment information.
PFC said it provides free credit monitoring and identity theft protection services to those affected. Unlike several recent data breaches at business associates of HIPAA-covered entities, PFC has released a list of impacted healthcare providers.
The incident has not yet been published on the HHS Civil Rights Office website. So it’s unclear how many patients were affected by the breach, but with 657 healthcare providers affected, it could be one of the largest healthcare data breaches. worth noting this year.