Atlanta Allergy & Asthma began notifying nearly 10,000 patients Aug. 10 that their protected health information was removed from the clinic's IT network in connection with a January cyberattack.
The clinic discovered unauthorized access to its network between Jan. 5 and 13. Atlanta Allergy & Asthma on July 8 found out that certain patient information had been removed from its network during the attack.
The clinic reported the breach to HHS in April as affecting 9,851 individuals and listed the following types of information exposed: names, Social Security numbers, birthdates, financial account numbers and/or routing numbers, diagnoses, procedure types and patient account numbers, among others.
Atlanta Allergy & Asthma said it is not aware of any reports of identity fraud or improper use of PHI as a result of the cyberattack.