About 600,000 patients of the largest independent physician group in Illinois were affected by a security breach in July.
A medical group in Illinois, DuPage Medical Group, is notifying 600,000 patients about a possible breach of their personal information. DuPage Medical Group is the largest independent physicians group in the state.
The data may have been compromised during a cyberattack in July. The computer and phone outage, which lasted for about a week, was caused by unauthorized access to the group’s network. According to the company, it was determined that the outage was caused by the unauthorized actors who compromised its network between July 12 and July 13.
The investigators discovered that files containing patient information might have been compromised. The compromised files contained names, dates of birth, diagnosis codes, and codes that indicated medical procedures and treatment details. Social Security numbers may have been compromised too for some patients.
The medical group said it is not aware of any patient’s personal information being misused after the data breach.
“The health care sector is under attack by cybercriminals who have no regard for the health or well-being of others,” Steve Nelson, CEO of DuPage Medical Group, said in a statement. “Our physicians and team members have worked tirelessly to provide personalized care for our patients, despite facing significant challenges.”
Identity theft and credit monitoring are available to help impacted people protect themselves from potentially fraudulent activities.
The hospital group has implemented additional security measures and is reviewing its policies.
Health care organizations have become increasingly vulnerable to cybercrimes. So far this year, 21 Illinois organizations have reported data breaches that affected 500 or more people.
If the attack on the medical group was as big as feared, it would be the biggest data breach in Illinois history, according to the information reported to the U.S. Department of Health and Human Services.