A ransomware attack on Practicefirst Medical Management Solutions and PBS Medcode has left more than 1 million people exposed after hackers stole patient files.
The vendor provides billing and coding services on behalf of hospitals and health systems, according to a data breach notice posted by Maine's attorney general.
Four things to know:
- Hackers infiltrated Practicefirst's systems Dec. 25 and launched a ransomware attack. The firm discovered the breach on Dec. 30. Hackers tried to steal files with patient and employee information.
- Upon discovering the attack, the vendor shut down its systems, changed passwords, alerted law enforcement and hired cybersecurity experts.
- An investigation discovered that hackers copied protected health information, exposing 1,210,688 people. Stolen data includes names, Social Security numbers, bank account information, treatment-related information and more.
- In response to the attack, the firm is deploying additional security protocols to protect its network, email environment and computer systems.