Physician’s Business Office, Inc.
Your Personal Info Could Be
Exposed Online After
This Hospital Breach
Breach Description
In April 2022, Physician’s Business Office, Inc. (PBO), a Parkersburg, West Virginia-based company specializing in medical practice management and administrative services for healthcare providers, experienced a significant data breach. This incident potentially impacted the protected health information of approximately 196,573 individuals. PBO detected unusual activity in its network environment and promptly initiated measures to secure its systems. An independent digital forensics and incident response firm was hired to assist with the investigation, which revealed that certain information stored on PBO’s network had been accessed and potentially acquired without authorization. The compromised data included sensitive personal and health information such as names, home addresses, dates of birth, Social Security numbers, driver’s license numbers, medical treatment and diagnosis information, disability codes, prescription information, and health insurance account information.
Upon completing a thorough review of the potentially affected data by June 30, 2022, PBO notified the relevant healthcare providers on July 26, 2022. Efforts were made to collect current mailing addresses for all potentially impacted individuals, culminating in the issuance of notification letters starting September 23, 2022. These letters informed the affected individuals about the breach and offered resources to assist them, including complementary credit monitoring and identity protection services. PBO has stated that there is no evidence of misuse of the compromised information. In response to the incident, PBO has taken steps to enhance its security measures to prevent future breaches and has established a toll-free call center to address questions and concerns related to the breach
This breach was one of the significant healthcare data breaches in West Virginia in 2022, highlighting the vulnerability of healthcare institutions to cyberattacks.