A third party gained access to the computer network of two pediatric care providers with offices in Hampton Roads, putting patients’ personal information at risk.
Connexin Software, which manages the internal software for pediatric physician practice groups, disclosed the breach Thursday night on behalf of two of its clients: Children’s LTD and Renaissance Pediatrics. In a statement, Connexin said medical records, physician group systems and databases, were not affected and the company is not aware of “any actual or attempted misuse of personal information.”
Patient information that “may” have been accessed includes names, addresses, email addresses, dates of birth, Social Security Numbers, health insurance information, dates of medical services, information about medical procedures and diagnoses, and billing information, according to Connexin.
Additionally, the parents, guardians and guarantors of the patients may have had their information accessed by the third party.
Renaissance Pediatrics has an office in Chesapeake, and Children’s LTD has offices on the Peninsula. It’s unclear how many patients they serve in the region.
A spokesperson for Connexin did not respond to a request for comment Friday.
Connexin detected a “data anomaly” in its internal network on Aug. 26 and launched an investigation. On Sept. 13, the company learned an unauthorized third party “was able to access an offline set of patient data used for data conversion and troubleshooting and remove some of that data from the internal network,” the company said.
“As soon as we discovered the incident, we immediately took action to stop the unauthorized activity,” the company said in a statement. “We reset the passwords of all corporate accounts and moved all patient data used for data conversion and troubleshooting into an environment with even greater security. Connexin also retained a third-party cybersecurity forensic firm to investigate the issue and is working with law enforcement to investigate the incident.”
Connexin advised those may have had their information affected by this breach to carefully review their credit reports and statements sent from providers and from their insurance provider to make sure their account activity is correct.
The company is providing complimentary identity monitoring and credit monitoring services to anyone whose information may have been impacted by this breach. Those interested in these services can visit https://www.officepracticum.com/subtitute-notice/ or call toll-free 855-532-0912.
Gavin Stone, 757-712-4806, firstname.lastname@example.org