In a security notice, Cancer Treatment Centers of America and Midwestern Regional Medical Center said it identified suspicious activity from the email account of an account holder on January 18.
A version of this article was first published April 20, 2021, by HCPro's Revenue Cycle Advisor, a sibling publication to HealthLeaders.
Cancer Treatment Centers of America and Midwestern Regional Medical Center (CTCA) based in Zion, Illinois, reported a breach last month potentially affecting 104,808 individuals, according to the Office for Civil Rights (OCR) breach report.
In a security notice, CTCA, which has facilities across the Midwest, said it identified suspicious activity from the email account of a CTCA account holder on January 18. The ensuing investigation revealed that an unauthorized user may have had access to information on the email account between January 12 and January 18. The password to the account was promptly changed, CTCA said, and the previous credentials were no longer able to access the account.
Information that may have been available to the unauthorized user included:
- CTCA account number
- Health insurance information
- Limited medical information
- Medical record number
CTCA said Social Security numbers and financial information were not involved in the incident.
In the letter sent to potentially affected individuals, CTCA recommended that individuals regularly monitor an explanation of benefits received from their health plans.
CTCA also noted that it has implemented additional security measures, continues to evaluate other security enhancements, and remains diligent in educating the workforce about security threat.
Revenue Cycle Advisor combines all of HCPro's Medicare regulatory and reimbursement resources into one handy and easy-to-access portal. News is not just repeated from other sources. It is analyzed by our Medicare experts so professionals can comprehend any new rule and regulatory updates thoroughly. Learn more.