Precision Anesthesia Billing LLC

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

Precision Anesthesia Billing LLC, a Tampa, FL-based HIPAA business associate, reported a significant breach of protected health information (PHI) affecting 209,200 individuals to the HHS’ Office for Civil Rights on July 7, 2023[1][3][7]. The breach was attributed to a well-known cyber threat actor responsible for many successful cyberattacks, although the specific group was not named in the reports[1][3].

The breach was first communicated to Athens Anesthesia Associates (AAA), one of the entities affected by the breach, on May 11, 2023. AAA was informed that the data of some of its patients had potentially been compromised[1][3]. The compromised data included a wide range of sensitive information such as names, addresses, phone numbers, email addresses, dates of birth, ages, Social Security numbers, bank account numbers, insurance policy numbers, diagnoses, treatment information and dates, ultrasound images, medical record numbers, and hospital account numbers[1][3].

In response to the incident, Precision Anesthesia Billing LLC was able to stop the attack and secure its systems. However, it was likely that files containing patient data were accessed during the breach[1][3]. As a measure to assist those affected, AAA offered affected patients two years of complimentary credit monitoring services[1].

The breach at Precision Anesthesia Billing LLC was part of a larger pattern of cyberattacks on healthcare providers and business associates, with ransomware attacks and other forms of hacking being common causes of data breaches in the healthcare sector[6][7][8][12][13]. The incident underscores the ongoing challenges that healthcare organizations face in protecting sensitive patient information from cyber threats.

Citations:

  1. https://www.hipaajournal.com/lockbit-ransomware-group-threatens-to-publish-stolen-cancer-patient-data/
  2. https://www.tampa-xway.com
  3. https://www.hipaa.info/cyberattacks-on-healthcare-providers-including-varian-medical-systems-and-bi-bett-corporation/
  4. https://www.cardinalhealth.com/en/about-us/contact-us.html
  5. https://www.beckersasc.com/anesthesia/patients-in-13-states-possibly-affected-by-anesthesiology-associates-and-anesthesia-services-breach.html
  6. https://www.hipaajournal.com/data-breach-impacts-more-than-one-dozen-anesthesia-providers/
  7. https://www.hipaajournal.com/july-2023-healthcare-data-breach-report/
  8. https://www.hipaajournal.com/may-2023-healthcare-data-breach-report/
  9. https://newstral.com/en/article/en/1244518999/arietis-health-llc-announces-moveit-data-breach-impacting-patients-of-northstar-anesthesia-facilities
  10. https://www.healthcareitnews.com/news/pharmerica-announces-health-data-breach-possibly-largest-q1-2023
  11. https://search.sunbiz.org/Inquiry/CorporationSearch/SearchResults?Detail=FL.DOS.Corporations.Shared.Contracts.FilingRecord&InquiryDirectionType=PreviousRecord&InquiryType=EntityName&ListNameOrder=PRECISIONAMERICANINDUSTRIES+K624450&SearchNameOrder=PRECISIONANESTHESIABILLING+W230000159300
  12. https://www.v2verify.com/2023-data-breaches
  13. https://www.calhipaa.com/healthcare-data-breach-report-for-july-2023/
  14. https://www.reddit.com/r/NewParents/comments/zcd3jq/fake_bill_after_hospital_stay_giving_birth/?rdt=38427
Breach Submission Date Jul 07, 2023
Converted Entity Name Precision Anesthesia Billing LLC
Converted Entity Type Business Associate
State FL
Individuals Affected 209,200
Breach Type Hacking/IT Incident

Breach Information Location Network Server

Business Associate Present Yes