"Hackers Hit Healthcare Data Management Company"

The protected health information (PHI) of thousands of individuals may have been exposed in a hacking incident at a healthcare information management company based in Georgia.  Ciox Health, headquartered in Alpharetta, provides various services, including information release, medical record retrieval, and health information management to more than 30 healthcare providers.  According to a notice recently issued by Ciox Health, an unauthorized person accessed the email account of a Ciox employee between June 24, 2021 and July 2, 2021.  The company warned that the threat actor may have used that access to download emails and attachments associated with the compromised account.  Information that the adversary may have accessed included patient names, provider names, dates of birth and/or dates of service.  Social security numbers or driver’s license numbers, health insurance information and/or clinical or treatment information were also exposed in what Ciox described as “very limited instances.”  The data breach was reported to the US Department of Health and Human Services’ Office for Civil Rights on December 30 as a hacking/IT incident impacting 12,493 individuals. 

Infosecurity reports: "Hackers Hit Healthcare Data Management Company"