Unauthorized Access To Family Practice Office Responsible for Breach of Patient Information

2019, Breaches, March

Who: St. Francis Physician Services

# of Accounts Breached: More than 32,000 patients
What was affected: Names, addresses, health insurance information, Social Security numbers and dates of birth.

When it happened: January 4, 2019

How it happened: SFPS posted a statement on its website detailing the cyber attack, which the health system discovered Jan. 4. SFPS hired a third-party forensics​ firm to investigate the security breach and found that an unauthorized person gained access to Milestone Family Medicine’s systems. No patient information was found to have been misused.

Outcome: SFPS is mailing notification letters to patients affected and is providing free credit monitoring and identity protection services to individuals whose Social Security number was affected. The HHS Office for Civil Rights recorded 32,178 Milestone Family Medicine patients were affected.