A third party gained access to the computer network of two pediatric care providers with offices in Hampton Roads, putting patients’ personal information at risk.
Connexin Software, which operates in-house software for pediatric physician practice groups, disclosed the breach late Thursday on behalf of two of its customers: Children’s LTD and Renaissance Pediatrics. In a report, Connexin said medical records, physician group systems and databases were unaffected and the company was not aware of any “actual or attempted misuse of personal information.”
According to Connexin, patient information that “may” have been accessed includes names, addresses, email addresses, dates of birth, social security numbers, health insurance information, medical service dates, medical procedures and diagnoses, and billing information.
In addition, parents, guardians and guarantors of patients may have had access to their information by the third party.
Renaissance Pediatrics has an office in Chesapeake and Children’s LTD has offices on the peninsula. It’s unclear how many patients they serve in the area.
A Connexin spokesperson did not respond to a request for comment on Friday.
Connexin detected a “data anomaly” in its internal network on August 26 and launched an investigation. On September 13, the company learned that an unauthorized third party “was able to access an offline set of patient data used for data conversion and troubleshooting and delete some of this data from the internal network.” , the company said.
“As soon as we discovered the incident, we immediately took action to stop the unauthorized activity,” the company said in a statement. “We have reset passwords for all corporate accounts and moved all patient data used for data conversion and troubleshooting into an even more secure environment. Connexin has also retained the services of a third-party forensic cybersecurity company to investigate the issue and is working with law enforcement to investigate the incident.
Connexin advised those who may have had their information affected by this breach to carefully review their credit reports and statements sent by providers and their insurer to ensure that their account activity is correct.
The Company is providing free identity monitoring and credit monitoring services to anyone whose information may have been affected by this breach. Those interested in these services can visit https://www.officepracticum.com/subtitute-notice/ or call toll-free 855-532-0912.
Pierre Gavin, 757-712-4806, [email protected]