Endocrine and Psychiatry Center
Your Personal Info Could Be
Exposed Online After
This Hospital Breach
Breach Description
The Endocrine and Psychiatry Center, located in Texas, experienced a data breach that was discovered prior to March 20, 2023. The breach affected 28,531 individuals, compromising sensitive personal information including full names, Social Security numbers, driver’s licenses or other government identification numbers, dates of birth, financial account information, credit or debit card information, treatment/diagnosis information, and health insurance information[3][5].
The breach involved data generated before 2017, and a comprehensive review of the affected files was concluded on October 15, 2023[5]. The Center began informing individuals of the breach through mailed notice letters[3]. The information stolen is considered valuable and could potentially lead to identity theft or other fraudulent activities[3].
The incident was reported to the Maine Attorney General’s Office as an “External system breach (hacking)”[7][9]. There is an ongoing investigation by Migliaccio & Rathod LLP into the breach[3]. Additionally, there has been some controversy regarding the Center’s reporting of the breach, with suggestions that the breach may have been reported as a hack when it was actually due to the data being improperly secured[7][11].
Affected individuals were offered complimentary credit monitoring services if their Social Security number was impacted[9]. The Endocrine and Psychiatry Center has faced criticism for the way the breach was disclosed and handled, with concerns about the accuracy of the reported number of affected individuals and the timing of the discovery and notification[7].
Citations:
- https://abingtonlaw.com/Endocrine-Psychiatry-Center-Data-Breach-class-action-lawsuit.html
- https://cookcountyhealth.org/join-our-team/
- https://classlawdc.com/2023/11/15/endocrine-and-psychiatry-center-data-breach-investigation/
- https://www.nejm.org/doi/full/10.1056/NEJMoa2307563
- https://www.hipaajournal.com/healthcare-data-breach-round-up-november-16-2023/
- https://walterreed.tricare.mil
- https://www.databreaches.net/does-claiming-you-were-hacked-when-you-had-really-just-screwed-up-violate-the-ftc-act/
- https://www.huntingtonhealth.org
- https://apps.web.maine.gov/online/aeviewer/ME/40/d68fcc57-f7a4-4e71-a320-68f2e4c9aa37.shtml
- https://horseshoe.musc.edu
- https://www.databreaches.net/no-need-to-hack-when-682000-medical-records-are-leaking-monday-edition/
- https://www.chron.com/news/houston-texas/article/cyberattack-houston-harris-county-texas-18330891.php
- https://apps.web.maine.gov/online/aeviewer/ME/40/d68fcc57-f7a4-4e71-a320-68f2e4c9aa37/eba6f7c2-fa47-4bcc-b4a8-ec6dcfe4d504/document.html
- https://www.defensorum.com/data-breaches-at-medical-eye-services-peakmed-prospect-medical-services-and-4-more-healthcare-providers/