According to an Aug. 12 article from JD Supra, on July 22, the Surgery Center of Mid Florida (“SCOMF”) filed a notice of data breach with the Attorney General of Massachusetts after discovering patient data was leaked after an unauthorized party was able to access its computer network.
The article says that “In this notice, SCOMF explains that the incident resulted in an unauthorized party being able to access consumers’ sensitive information, which includes their names, Social Security numbers, addresses, dates of birth, health information, health insurance information, and financial account information. Upon completing its investigation, SCOMF began sending out data breach notification letters to all individuals whose information was affected by the recent data security incident.”
The article adds that the breach was recently announced, and more information is expected to come soon. Although, the filing and the notice on SCOMF’s website says that in February of this year SCOMF realized that its computer network had been encrypted and the organization launched an investigation.
“Through this investigation, SCOMF confirmed that unauthorized parties were able to access sensitive patient information through a vendor that SCOMF uses for certain IT services,” the article states. “Evidently, SCOMF’s IT vendor was hacked first, and then the unauthorized user used the connection between SCOMF and its vendor’s network to attack SCOMF’s systems directly.”
On July 22, SCOMF sent out data breach letters to anyone who was affected by the data security incident.