Connecticut physician practice warns patients of data breach after cyberphishing attack

illustration of closed padlock on digital background representing cybersecurity
A cyberattack caused a data breach for a Connecticut physician practice. (ranjith ravindran/Shutterstock)

A physician-owned multispecialty group practice in Connecticut has warned patients about a data breach following a Feb. 8 cyberphishing attack.

Starling Physicians, based in Rocky Hill, said it became aware of a data security incident that resulted in the potential access to some of its patients’ personal and medical information, including some Social Security numbers.

The practice mailed notification letters to patients affected by the breach, including steps they can take to protect themselves against potential fraud or identify theft, Starling said in a statement on its website. The practice did not say how many patients were affected.

RELATED: 32M patient records breached in 2019. That's double all of 2018, Protenus reports

Case Study

Across-the-Board Impact of an OB-GYN Hospitalist Program

A Denver facility saw across-the-board improvements in patient satisfaction, maternal quality metrics, decreased subsidy and increased service volume, thanks to the rollout of the first OB-GYN hospitalist program in the state.

The cyberphishing attack resulted in an unauthorized third party potentially having access to the contents to some of its employees’ email accounts, the practice said. Upon learning of the attack, the practice secured its email accounts to prevent further access and retained a forensic security firm to investigate, conduct a comprehensive search for any personal information in the impacted accounts and confirm the security of the email and computer systems.

On Sept. 12, the investigation determined that the email accounts contained certain patients’ names, addresses, dates of birth, passport numbers, Social Security numbers, medical information and health insurance or billing information, the practice said. Starling offered free credit monitoring and identity theft protection services to patients whose Social Security numbers may have been impacted.

“Starling takes the security of its patients’ information very seriously and sincerely apologizes for any inconvenience this incident may cause any of its patients,” the practice said in its statement.

Patients were told to review credit card, bank and other financial statements, as well as claims made using their insurance, for any unauthorized activity. 

A report issued earlier this year by Protenus and said breaches of patient privacy appear to be on the rise in the first half of 2019 with an alarming number of records affected by security incidents: 31.6 million.

Suggested Articles

People are demanding free and secure access to their complete health record now. Upcoming federal data-sharing rules will help make that a reality.

Tenet Healthcare's earnings were down from a profit of $108 million the previous year.

A report shows that Medicaid managed care can save significantly more on drugs on than traditional Medicaid. Here are highlights from the analysis.