San Antonio-based Advanced Spine and Pain Center faced a breach in security on July 31, 2017 after learning patients were being solicited to pay an outstanding balance from an unknown person.
Here are five key points:
1. Shortly after learning of the security incident, ASPC filed a police report and contacted the FBI for investigation. As part of the investigation, the center further realized its server had been compromised by one of more unauthorized users.
2. Demographic, medical and billing information may have been affected. However, ASPC noted financial and payment information was not a part of the potentially affected information.
3. ASPC could not determine if any private information was accessed. Recent monitoring of the network did not identify unauthorized users, leaving the center inconclusive if the server breach was linked to the initial solicited calls.
4. No unauthorized usurers were found accessing the network in recent monitoring. ASPC is taking the appropriate measures to secure its network; however, the center notes various security measures were in place prior to the incident.
5. ASPC has contacted the patients who were affected and is offering those patients theft protection services through ID Experts.