HORNE, LLP
Your Personal Info Could Be
Exposed Online After
This Hospital Breach
Breach Description
Horne, LLP, a professional services firm based in Ridgeland, Mississippi, experienced a data breach that was first identified due to suspicious activity within its computer network in December 2021. The breach was confirmed in October 2023 to have affected certain patient data from the University of Mississippi Medical Center (UMMC). The compromised data included names, Social Security numbers, addresses, dates of birth, clinical information, health insurance information, and medical record numbers. Horne, LLP filed a notice of the breach with the U.S. Department of Health and Human Services Office for Civil Rights on January 13, 2024[1][4].
The breach did not involve UMMC’s IT network, as the leaked data was stored on Horne’s systems. Horne, LLP began sending out data breach notification letters to all individuals whose information was affected by the security incident on January 13, 2024. These letters were intended to inform victims about the breach and the specific information about them that was compromised[1].
Horne, LLP is known for providing a wide range of accounting-related services, including business valuation, audit & compliance, cybersecurity, and disaster recovery. The firm operates more than 30 locations in 10 U.S. states, employs over 2,000 people, and generates approximately $297 million in annual revenue[1].
In response to the breach, Horne, LLP has implemented additional safeguards and technical security measures to further protect and monitor sensitive consumer data. They also offered 12 months of complimentary credit monitoring services to the affected individuals[4].
The breach notification to the Maine Office of the Attorney General revealed that a total of 3,538 individuals were affected, including 2 Maine residents. The breach was described as an external system breach (hacking), and the notification included a detailed description of the information acquired during the breach[4].
For those affected by the breach, it is recommended to review statements from health insurers for any services not received and to contact the insurer immediately if discrepancies are found. Legal options may also be available for those seeking to protect themselves from potential fraud or identity theft as a result of the breach[1].
The University of Mississippi Medical Center has also provided information and assistance to patients whose information may have been involved in the incident[6].
Citations:
- https://www.jdsupra.com/legalnews/horne-llp-files-notice-of-data-breach-6529455/
- https://horne.com/services/healthcare/cybersecurity/
- https://healthitsecurity.com/news/decatur-county-general-emr-security-incident-impacts-24k
- https://apps.web.maine.gov/online/aeviewer/ME/40/52cc55de-0c92-4553-baa0-7316762a245a.shtml
- https://www.reddit.com/r/CACovidRentRelief/comments/u1and4/has_anyone_heard_about_the_class_action_lawsuit/?rdt=49166
- https://umc.edu/breach-notice
- https://www.gulflive.com/mississippi-press-news/2015/01/srhs_files_federal_lawsuit_aga.html
- https://openclassactions.com/investigations/horne-llp-data-breach.php
- https://www.djournal.com/mbj/opinion/mbj-showcase-horne-cyber-tackling-the-growing-cyber-security-threat/article_4983650c-aa4c-5399-8827-a047192e72ec.html
- https://www.prnewswire.com/news-releases/horne-llp—notice-of-data-event-300592379.html
- https://horne.com/people-industry/publicly-traded-companies/
- https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf
- https://www.jdsupra.com/law-news/personal-injury/torts/government-contracting/session_trace/page_view_event/aggregate
- https://horne.com
- https://apps.web.maine.gov/online/aeviewer/ME/40/list.shtml
- https://joinclassactions.com/databreach/