PeakTPA, a company that manages the Program of All-Inclusive Care for the Elderly claims for Medicare and Medicaid users, began notifying 50,000 patients that their data was breached after data from two of PeakTPA's cloud servers was stolen.
On Dec. 31, 2020, PeakTPA learned about the stolen data. The data may have included patients' Social Security numbers, full name and medical treatment information, the company said in a notice on its website.
On Jan. 27, 2021, the criminal group behind the attack, Netwalker, was broken up by the FBI. PeakTPA said Netwalker's leader was arrested and its assets seized.
PeakTPA hired Kroll to provide free identity monitoring, fraud consultation and identity theft restoration to affected patients for three years.
To read the full notice, click here.
More articles on cybersecurity:
Wisconsin health department accidentally exposes email addresses of 907 COVID-19 vaccine registrants
Utah COVID-19 testing company stored data on public server, exposing 52,000 patients' info
American Medical Collection Agency reaches 40-state settlement for data breach that exposed 21 million patients' info