PJ&A (Perry Johnson & Associates) is warning {that a} cyberattack in March 2023 uncovered the private info of just about 9 million sufferers.
PJ&A offers medical transcription providers to healthcare organizations in america.
The corporate stated the menace actors breached their community and had entry between March 27 and Might 2, 2023. Its investigation revealed that the next info had been uncovered to the menace actors:
- Full identify
- Date of beginning
- Medical document quantity
- Hospital account quantity
- Admission analysis
- Date and time of service
- Social Safety numbers (SSNs)
- Insurance coverage info
- Medical transcription recordsdata (lab and diagnostic check outcomes)
- Remedy particulars
- Therapy facility and healthcare supplier names
PJ&A started sending notices of a data breach on October 31, 2023, to alert impacted people that their delicate healthcare info had been compromised.
Supply: BleepingComputer
The info uncovered for every particular person varies relying on what info they offered to the healthcare providers and the kind of therapy they acquired.
The data accessed by the unauthorized celebration doesn’t embody monetary info or account credentials.
The precise variety of the folks affected by this cyber-incident had remained unknown till PJ&A submitted the related info to the breach portal of the U.S. Division of Well being and Human Providers Workplace for Civil Rights, which now confirms the quantity to be 8,952,212 sufferers.
Beforehand, Chicago’s largest healthcare supplier, Cook dinner County Well being (CCH), notified 1.2 million sufferers that their medical data had been breached within the PJ&A incident, asserting that it might terminate its relationship with the seller consequently.
Yesterday, Northwell Well being, New York’s largest healthcare supplier, introduced it suffered an oblique data breach ensuing from the PJ&A community compromise. The notification states that Northwell knowledge was stolen between April 7 and April 19.
The variety of impacted people who acquired care in Northwell Well being’s clinics and had their delicate info uncovered on this incident surpasses 3.8 million.
This implies one other 4 million folks whose medical knowledge was uncovered via different healthcare suppliers haven’t been notified but.
Bleeping Laptop has contacted PJ&A with additional questions concerning the assault, however a remark was not instantly out there.
