Lake Success, N.Y.-based Personal-Touch Home Care, a branded home healthcare company that provides services across the state, has notified more than 157,000 patients that their information may have been exposed in a ransomware attack against a third-party vendor.
Crossroads Technologies, which supports Personal-Touch Home Care's EHR through the cloud, was the victim of a ransomware attack. The cloud-hosting provider first notified Personal-Touch Home Care of the attack on Dec. 1, 2019.
After being notified by Crossroads Technologies, Personal-Touch Home Care worked with the cloud provider during the investigation. The two also consulted with third-party forensic analysists and the FBI to determine the scope of the breach.
Patient data that may have been exposed included medical treatment information, insurance card and health plan benefit numbers, medical record numbers, names, addresses, phone numbers, dates of birth and Social Security numbers.
Personal-Touch Home Care recommends patients place fraud alerts on their credit cards and monitor account statements from any healthcare providers.