Atrium Health hit with a major data breach which impacted 2.65 million patients, attackers accessed the patient’s personal information. The intrusion occurred between Sept. 22-29.
Hackers gained access to the data stored in a third-party system owned by AccuDoc Solutions Inc., which provides billing services to Atrium and other 50 medical centers.
The personal information including names, addresses, dates of birth, invoice numbers, account balances, dates of service, insurance policy information and Social Security numbers are compromised, Atrium says in a report to Bizjournals.
Atrium confirms no medical records nor financial information was impacted with the data breach as they stored in their core system and not associated with AccuDoc.
The breach was reported by AccuDoc to Atrium on Oct. 1, according to the forensic investigations, the hackers only able to obtain the read-only permission for the data and they were not able to remove or download data.
Affected locations include Atrium Health facilities and partner sites at Blue Ridge Healthcare System, Columbus Regional Health Network, New Regional Medical Center Physician Group, Scotland Physicians Network, and St. Luke’s Physician Network.
“Atrium notifying the patients about the breach and guarantors who may have been impacted by this incident. We take cybersecurity very seriously, and we’ve worked very hard to determine exactly what happened and how to prevent,” reads Atrium statement.