Intellihartx, LLC

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

Intellihartx, LLC, a Tennessee-based healthcare revenue cycle management company, experienced a significant data breach due to a cyberattack on its secure file transfer service provider, Fortra. The breach, which occurred in late January 2023, was part of an attack by the Clop ransomware group that exploited a vulnerability in Fortra’s GoAnywhere Managed File Transfer (MFT) solution[4].

The compromised data included sensitive personal information such as names, addresses, medical billing and insurance information, certain medical information like diagnoses and medications, as well as demographic details including dates of birth and Social Security numbers[1][4][7]. The breach affected approximately 490,000 patients of Intellihartx’s healthcare clients[4].

Intellihartx began notifying affected individuals in June 2023, offering complimentary credit monitoring and identity restoration services for 24 months[3]. The company also took steps to harden its security measures and cooperated with federal law enforcement in response to the incident[3].

A class-action lawsuit was filed against Intellihartx, alleging that the company failed to properly secure and safeguard the protected health information of the plaintiffs and class members, did not adequately supervise its business associates, and did not detect the data breach in a timely manner[4]. The lawsuit claims that Intellihartx was aware of the vulnerability on January 29, 2023, suggesting that the breach could have been prevented or its severity limited[4].

Affected individuals were advised to remain vigilant against identity theft and fraud by reviewing their account statements and monitoring their credit reports[1]. They were also encouraged to enroll in the offered credit monitoring services and to take additional steps to protect their personal information[3][5][6][8].

Citations:

  1. https://triblive.com/local/regional/upmc-contractor-detects-patient-data-breach/
  2. https://www.zoominfo.com/c/intellihartx-llc/359116212
  3. https://ago.vermont.gov/sites/ago/files/2023-06/2023-06-08%20Intellihartx%20Data%20Breach%20Notice%20to%20Consumers.pdf
  4. https://www.hipaajournal.com/intellihartx-class-action-lawsuit-490k-record-data-breach/
  5. https://www.legalserviceslink.com/articles/viewArticle/intellihartx-llc-itx-data-breach-compromises-489000-patients/
  6. https://www.jdsupra.com/legalnews/intellihartx-inc-notifies-489k-patients-6046806/
  7. https://www.databreaches.net/intellihartx-notifies-490000-patients-of-fortra-goanywhere-breach/
  8. https://itsecuritywire.com/news/approximately-a-half-million-social-security-numbers-leaked-in-a-data-breach-at-intellihartx-llc/
  9. https://www.coxhealth.com/newsroom/statement-on-data-incident-with-billing-vendor/
  10. https://www.news-leader.com/story/news/local/ozarks/2023/06/22/some-coxhealth-patients-affected-by-large-scale-data-breach/70342679007/
  11. https://www.msdlegal.com/blog/2023/06/intellihartx-llc-data-breach-class-action-lawsuit-investigation/
  12. https://www.ky3.com/2023/06/21/your-side-coxhealth-data-breach-impacts-potentially-thousands-patients/
  13. https://www.atlanticare.org/about-us/notice-of-third-party-security-incident-impacting-atlanticare-patient-data
  14. https://www.post-gazette.com/business/healthcare-business/2023/06/12/possible-data-breach-25-000-upmc-patients-intellihartx/stories/202306120094
Breach Submission Date Jun 08, 2023
Converted Entity Name Intellihartx, LLC
Converted Entity Type Business Associate
State TN
Individuals Affected 489,830
Breach Type Hacking/IT Incident

Breach Information Location Network Server

Business Associate Present Yes