Manitowoc, WI-based Forefront Management, LLC and Forefront Dermatology, S.C. discovered on June 4, 2021 that unauthorized individuals had gained access to its network and potentially viewed private and confidential employee and patient information.
The affected systems were immediately taken offline to prevent further unauthorized access and an investigation was launched to determine the nature and scope of the attack. On June 24, 2021, Forefront determined that certain files stored on its network had been accessed and potentially obtained which contained the personal information of a limited number of Forefront employees, including their names and Social Security numbers. The investigation revealed its network was first breached on May 28, 2021 and access remained possible until June 4, 2021.
During the course of the investigation, Forefront determined the unauthorized individual also accessed files that included the personal and protected health information of a limited number of current and former Forefront patients.
Patient information potentially compromised in the attack included names, addresses, dates of birth, patient account numbers, health insurance member ID numbers, medical record numbers, dates of service, provider names, and/or medical and clinical treatment information.
The breach summary submitted to state attorneys general indicates 4,431 individuals were affected by the breach. While there is no indication that any information in the files has been misused, Forefront is offering affected individuals a complimentary 12-month membership to TransUnion’s myTrueIdentity Credit Monitoring Service.
Forefront said it is enhancing its security protocols to help prevent a similar incident from occurring in the future.
The post Wisconsin Dermatology Practice Reports Data Breach Affecting 4,400 Individuals appeared first on HIPAA Journal.