FMC Services, LLC

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

FMC Services, LLC, a healthcare services company based in Amarillo, Texas, experienced a significant data breach in 2022, impacting the sensitive information of 233,948 individuals. The breach was confirmed on September 23, 2022, after the company detected suspicious network activity on July 26, 2022, and identified it as a cybersecurity attack involving unauthorized access to its computer network. The attackers demanded a ransom, prompting FMC Services to secure its systems, halt unauthorized access, and initiate an investigation with the help of an independent cybersecurity firm. This investigation confirmed that the hackers could access certain files on the FMC network, leading to the potential exposure of names, addresses, Social Security numbers, dates of birth, and protected health information (PHI) of patients and former patients[1][2].

FMC Services operates a network of primary care medical clinics under the name of Family Medicine Centers throughout Texas, including locations such as FMC of Canyon, FMC of Coulter, FMC of Georgia, FMC 34th & Coulter, and CareXpress Urgent Care. The company has a team of over 75 doctors across these locations[1].

In response to the breach, FMC Services took several steps to address the situation and mitigate the risks to affected individuals. These included securing the services of Kroll to provide identity monitoring at no cost for one year to those impacted. The company also reviewed and enhanced its policies, procedures, and security measures to better protect the privacy and security of information within its systems[2].

The breach at FMC Services, LLC was part of a larger trend of healthcare data breaches in Texas and across the United States, with healthcare institutions being prime targets due to the sensitive nature of the information they hold. The incident was reported to the U.S. Department of Health and Human Services Office for Civil Rights and highlighted in various legal and news reports, underscoring the ongoing challenges and risks associated with cybersecurity in the healthcare sector[3].

Following the breach, several lawsuits were filed against FMC Services, LLC, which were later consolidated into one action in Potter County. These lawsuits alleged negligence and violations of the Health Insurance Portability and Accountability Act (HIPAA), claiming that FMC Services failed to adequately protect patients’ sensitive information. The legal actions sought various forms of relief, including damages, reimbursement of out-of-pocket costs, and improvements to FMC’s data security systems[4].

FMC Services, LLC has responded to the consolidated class action petition, denying the claims and invoking a general denial of the allegations. The company emphasized its commitment to improving the security of its network environment and protecting patients’ information[10].

Citations:

  1. https://www.jdsupra.com/legalnews/fmc-services-llc-announces-data-breach-6165700/
  2. https://oag.ca.gov/system/files/ELN-15665%20Family%20Medicine%20Centers%20Adult%20CM%2012%20Months%20Patient%20r2prf.pdf
  3. https://kvia.com/news/texas/stacker-texas/2023/08/03/the-biggest-health-care-data-breaches-you-should-know-about-in-texas/
  4. https://www.myhighplains.com/crime/district-court/4-family-medicine-centers-data-breach-related-lawsuits-combined-into-one-action-in-potter-county/
  5. https://healthitsecurity.com/news/primary-care-clinic-network-suffers-healthcare-data-breach-233k-impacted
  6. https://www.hipaajournal.com/more-than-233000-patients-affected-by-cyberattack-on-fmc-services/
  7. https://news.bloomberglaw.com/ip-law/fmc-seeks-to-shift-fracking-pump-inventor-fight-to-federal-court
  8. https://www.msdlegal.com/blog/2022/09/fmc-services-llc-data-breach-class-action-investigation/
  9. https://nationalmortgageprofessional.com/news/first-mortgage-founder-ordered-pay-31m-damages-caploc
  10. https://www.myhighplains.com/news/local-news/family-medicine-centers-services-llc-responds-to-class-action-petition-in-potter-county/
  11. https://classlawdc.com/2022/10/04/data-breach-family-medicine-centers-fmc-llc-of-amarillo-texas/
  12. https://www.turkestrauss.com/2022/09/28/family-medicine-centers-data-breach-investigation/
  13. https://www.scmagazine.com/analysis/family-medical-reports-informs-234k-patients-of-possible-data-compromise
Breach Submission Date Sep 23, 2022
Converted Entity Name FMC Services, LLC
Converted Entity Type Healthcare Provider
State TX
Individuals Affected 233,948
Breach Type Hacking/IT Incident

Breach Information Location Network Server

Business Associate Present Yes