Skip to content

Data breach of pediatricians’ computer network…

55°F
Saturday, April 20th 2024

e-Edition

Evening Edition

Top Picks:

NewsHealth

Data breach of pediatricians’ computer network ‘may’ have exposed patient data

<p>Throughout the next decade, privacy-related stories popped up in the news and caused a momentary uproar, but no substantive change. In 2009, internal documents from Wal-Mart were released, indicating it had suffered a data breach from a foreign actor in 2004 and 2005. According to reports, the hackers were trying to obtain credit card information from shoppers at brick-and-mortar stores.</p> <p>Just one year later, Google announced that during the creation of its new tool Street View, it had "mistakenly collected" information sent via unencrypted WiFi networks using Street View cars. The event caused the appointment of Alma Whitten as Google's director of privacy.</p> <p>Perhaps one of the more disturbing data privacy stories during this time period was not a hack or mistake, but instead the intentional personalization of advertising material by Target.</p> <p>Based on her buying history at Target, a Minneapolis high schooler began receiving personalized coupons in the mail for maternity and newborn items. Her father angrily complained to his local Target store, only to have his daughter announce her pregnancy soon thereafter. The idea a company may know about your most personal information without you informing it became a prescient fear in the collective American psyche.</p>
TippaPatt // Shutterstock
Throughout the next decade, privacy-related stories popped up in the news and caused a momentary uproar, but no substantive change. In 2009, internal documents from Wal-Mart were released, indicating it had suffered a data breach from a foreign actor in 2004 and 2005. According to reports, the hackers were trying to obtain credit card information from shoppers at brick-and-mortar stores. Just one year later, Google announced that during the creation of its new tool Street View, it had “mistakenly collected” information sent via unencrypted WiFi networks using Street View cars. The event caused the appointment of Alma Whitten as Google’s director of privacy. Perhaps one of the more disturbing data privacy stories during this time period was not a hack or mistake, but instead the intentional personalization of advertising material by Target. Based on her buying history at Target, a Minneapolis high schooler began receiving personalized coupons in the mail for maternity and newborn items. Her father angrily complained to his local Target store, only to have his daughter announce her pregnancy soon thereafter. The idea a company may know about your most personal information without you informing it became a prescient fear in the collective American psyche.
Author
By | gavin.stone@virginiamedia.com | Staff writer
PUBLISHED: | UPDATED:

A third party gained access to the computer network of two pediatric care providers with offices in Hampton Roads, putting patients’ personal information at risk.

Connexin Software, which manages the internal software for pediatric physician practice groups, disclosed the breach Thursday night on behalf of two of its clients: Children’s LTD and Renaissance Pediatrics. In a statement, Connexin said medical records, physician group systems and databases, were not affected and the company is not aware of “any actual or attempted misuse of personal information.”

Patient information that “may” have been accessed includes names, addresses, email addresses, dates of birth, Social Security Numbers, health insurance information, dates of medical services, information about medical procedures and diagnoses, and billing information, according to Connexin.

Additionally, the parents, guardians and guarantors of the patients may have had their information accessed by the third party.

Renaissance Pediatrics has an office in Chesapeake, and Children’s LTD has offices on the Peninsula. It’s unclear how many patients they serve in the region.

A spokesperson for Connexin did not respond to a request for comment Friday.

Connexin detected a “data anomaly” in its internal network on Aug. 26 and launched an investigation. On Sept. 13, the company learned an unauthorized third party “was able to access an offline set of patient data used for data conversion and troubleshooting and remove some of that data from the internal network,” the company said.

“As soon as we discovered the incident, we immediately took action to stop the unauthorized activity,” the company said in a statement. “We reset the passwords of all corporate accounts and moved all patient data used for data conversion and troubleshooting into an environment with even greater security. Connexin also retained a third-party cybersecurity forensic firm to investigate the issue and is working with law enforcement to investigate the incident.”

Connexin advised those may have had their information affected by this breach to carefully review their credit reports and statements sent from providers and from their insurance provider to make sure their account activity is correct.

The company is providing complimentary identity monitoring and credit monitoring services to anyone whose information may have been impacted by this breach. Those interested in these services can visit https://www.officepracticum.com/subtitute-notice/ or call toll-free 855-532-0912.

Gavin Stone, 757-712-4806, gavin.stone@virginiamedia.com

More in News

Trending Nationally