Austin, TX-based VisionWeb Holdings, a provider of Internet-delivered software solutions for the eye care industry for improving practice efficiency, has recently reported a data breach to the HHS’ Office for Civil Rights that has affected up to 35,900 patients.
According to the breach report sent to the HHS on October 3, 2022, unauthorized individuals gained access to its email environment which contained patient information. The breach was also reported to the Texas Attorney General, with that report stating that names, Social Security numbers, government-issued identification numbers, medical information, and health insurance information had potentially been compromised. Individual notifications started to be sent to affected individuals on October 3, 2022, along with information on the steps they can take to protect against identity theft and fraud.
This post will be updated when further information about the breach becomes available.
Eventus WholeHealth Announces Email Account Breach
Durham, NC-based Eventus WholeHealth has recently confirmed that the email account of an employee has been accessed by an unauthorized individual. Suspicious email account activity was detected on June 1, 2022, and immediate action was taken to secure the account. The investigation into the breach confirmed on August 17, 2022, that an unauthorized third party had accessed the account and may have viewed or copied sensitive patient data, although no specific evidence of unauthorized data access or data theft was discovered.
Eventus said the breach was confined to a single email account and explained that the account had multifactor authentication in place, but that it failed to prevent unauthorized access. Individual notifications are being sent to affected individuals, who will be told the exact types of information that have been exposed. Those data types were not detailed in the breach notification sent to the Montana Attorney General. Affected individuals are being offered complimentary credit monitoring and identity theft protection services.
The incident has yet to appear on the HHS’ Office for Civil Rights website, so it is unclear how many individuals have been affected.
The post VisionWeb Data Breach Affects Up to 35,900 Individuals appeared first on HIPAA Journal.