It's difficult for a small practice when it comes to cyber security, but now we have seen an attack of a third party that affected data from dental practices. It seems that Professional Finance Company, a third party company that provides accounts receivable services for offices, suffered a ransomware attack.
From what I've discerned, no dental offices were actually compromised, however because PFC had information dealing with collections, there was information on patients. It's difficult to tell if any health information was compromised. Since the company helped with collections, I suppose it is possible that something like services billed might have been compromised.
Part of PFC's statement reads:
PFC found no evidence that personal information has been specifically misused; however, it is possible that the following information could have been accessed by an unauthorized third party: first and last name, address, accounts receivable balance and information regarding payments made to accounts, and, in some cases, date of birth, Social Security number, and health insurance and medical treatment information
If you are interested in reading the entire Notice of Cybersecurity Incident report from PFC, this link will take you there.
No comments:
Post a Comment