21st Century Oncology, a cancer care service based in Fort Myers Florida has admitted that malicious operators may have hacked the personal data of some 2.2 former and current patients.
The physician-led cancer treatment company, which runs 181 treatment centers in North and Latin America with 145 centers in the United States alone, revealed a breach of its systems that may have potentially exposed private information of over 2 million patients and employees.
The clinic was originally informed of the breach by the FBI in November 2015. However, the Feds requested that the news of the breach be kept under wraps until an investigation had been completed. The investigation revealed that the data breach occurred on October 3, 2015, while the FBI notified the company of the breach over a month later, on November 13, 2015.
The breach came to light after the FBI discovered that an ‘unauthorized third party’ may have hacked one of the cancer treatment company’s databases.
The details contained in the targeted database that the hacker or hacking group may have accessed include:
- Patients’ names
- Social security numbers
- Physicians’ names
- Diagnosis and treatment information
- Insurance information
A statement by the company revealed that there has been no indication that the possibly-breached information has been misused after the database was hacked. However, the company cites an “abundance of caution” as the reason behind its reaching out to over 2 million affected patients.
An excerpt from the statement read:
We deeply regret any concern this may cause our patients, and we want to emphasize that patient care will not be affected by this incident.
Furthermore, 21st Century Oncology is also offering a free year of credit protection service to all affected patients. The statement also claims that there is no evidence of any medical records being accessed as a result of the breach.
Featured image from Shutterstock.