Unauthorized individuals have gained access to the systems of Eye Care Leaders, a provider of electronic health records and patient management software solutions for eye care practices. On or around December 4, 2021, hackers gained access to its myCare Identity solution and deleted databases, systems configuration files, and data.
Eye Care Leaders said its incident response team immediately stopped the unauthorized activity when the breach was detected and launched an investigation into the security breach. The investigation is ongoing, but notifications have now been sent to affected ophthalmology and optometry practices.
While the investigation has not uncovered evidence to suggest the attackers viewed or exfiltrated sensitive data, the possibility of unauthorized data access and theft could not be ruled out. The types of information that have been exposed included patient names, dates of birth, medical record numbers, health insurance information, Social Security numbers, and information regarding the care received at the affected eye care practices. The breach was confined to the myCare Identity solution. The systems of eye care providers that use the solution were not compromised. It is currently unclear how many individuals have been affected by the breach. The Eye Care Leaders website states that it provides software solutions to more than 9,000 ophthalmologists and optometrists.
Kirkland, WA-based EvergreenHealth has also been affected, and sent notifications to 20,533 patients on April 22, 2022, and confirmed that the breach only affected data related to the EvergreenHealth Eye Care Clinic. If any non-eye care medical services had been received at EvergreenHealth, the information would not have been stored in the affected system. EvergreenHealth said it is examining its relationship with Eye Care Leaders and assessing the security safeguards that have been implemented.
Nashville, TN-based Summit Eye Associates sent notifications to affected patients on April 28, 2022, and has reported the breach to the HHS’ Office for Civil Rights as affecting up to 53,818 individuals.
The post Eye Care Leaders Hack Impacts Tens of Thousands of Patients appeared first on HIPAA Journal.