Founder Project Rx, Inc.

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

Overview of the Founder Project Rx, Inc. Data Breach

Founder Project Rx, Inc., doing business as Encore Pharmacy, experienced a significant data breach that was discovered on July 24, 2023. This breach involved unauthorized access to an employee’s email account, leading to the potential exposure of sensitive personal identifiable information (PII) and protected health information (PHI) of over 2,200 individuals[1]. The compromised information includes names, Social Security numbers, dates of birth, driver’s license numbers, medical information, and health insurance information[1].

Encore Pharmacy, a family of six brick-and-mortar pharmacies located in Texas, Illinois, and Mississippi, specializes in providing retail and specialty medications. The company offers a range of services including medical management, clinical instruction, benefit investigation, and financial assistance services, particularly to customers with complex chronic conditions[1]. Originally founded as ReCept Pharmacy in 1978, it rebranded to Encore Pharmacy in February 2023[1].

Upon discovering the breach, Encore Pharmacy took immediate steps to secure the affected account and began an investigation to understand the scope and impact of the incident. The company started notifying affected individuals on September 15, 2023, and offered them free credit monitoring services[1]. Additionally, Encore Pharmacy has advised impacted individuals to review their account statements and credit reports for signs of fraud or identity theft and to consider placing a fraud alert on their credit files[1].

The breach has prompted legal investigations by firms specializing in data breach cases, exploring the rights and potential legal remedies for those affected[1]. This incident is part of a larger trend of healthcare data breaches, highlighting the ongoing challenges healthcare providers face in protecting sensitive patient information against unauthorized access and cyberattacks[6].

Legal and Consumer Response

In response to the breach, affected individuals are encouraged to take proactive steps to protect their personal information, including enrolling in the offered credit monitoring services, changing passwords for online accounts, and monitoring their financial and medical statements for any unauthorized activity[1]. Legal firms are investigating the breach and may offer representation to those impacted, seeking to address potential violations of privacy and data protection laws[1].

This breach underscores the critical importance of robust cybersecurity measures and employee training on data security practices within the healthcare sector. As healthcare providers continue to be a target for cyberattacks, it is imperative for organizations to continually assess and enhance their data protection strategies to safeguard patient information.


References:

  1. Turke & Strauss LLP’s investigation into the data breach at Founder Project Rx, Inc. d/b/a Encore Pharmacy, detailing the breach’s discovery, the information compromised, and steps taken by the company[1].

  2. HIPAA Journal’s September 2023 Healthcare Data Breach Report, listing Founder Project Rx, Inc. among other healthcare providers affected by hacking/IT incidents, emphasizing the prevalence of such breaches in the healthcare industry[6].

Citations:

  1. https://www.turkestrauss.com/2023/09/20/founder-project-rx-data-breach-investigation/
  2. https://www.idstrong.com/sentinel/truepill-data-breach-exposes-23-million-patients/
  3. https://www.ctvnews.ca/politics/as-pharmacare-deadline-looms-singh-mulls-a-future-without-ndp-s-deal-with-liberals-1.6767155
  4. https://www.jdsupra.com/legalnews/encore-pharmacy-files-notice-of-data-8354013/
  5. https://www.businessinsider.com
  6. https://www.hipaajournal.com/september-2023-healthcare-data-breach-report/
  7. https://www.cbsnews.com/?ftag=CNM-16-10abc6g
  8. https://www.mass.gov/lists/data-breach-notification-letters-september-2023
  9. https://www.wsj.com/?%252525252525253butm_=undefined&webview=true
  10. https://www.classaction.org/data-breach-lawsuits/archive
  11. https://cointelegraph.com
  12. https://dojmt.gov/consumer/databreach/
  13. https://www.washingtonpost.com
  14. https://www.calhipaa.com/healthcare-data-breach-report-in-september-2023/
  15. https://en.wikipedia.org/wiki/Copyright
  16. https://breachdata.topwords.me/states/TX?limit=20&offset=40&sort=data_accessed
  17. https://www.multiplan.us
Breach Submission Date Sep 15, 2023
Converted Entity Name Founder Project Rx, Inc.
Converted Entity Type Healthcare Provider
State TX
Individuals Affected 30,836
Breach Type Hacking/IT Incident

Breach Information Location Email

Business Associate Present Yes