- October 16, 2024
- Posted by: Thomas Anderson
- Categories:
Gryphon Healthcare, a Houston, Texas-based supplier of healthcare billing services, reported that almost 400,000 people’s private information was stolen in a data security incident that occurred earlier this year.
According to a data security incident notice sent to the Office of Maine Attorney General, Gryphon learned of a data security incident involving a customer company that it provided medical billing services to on August 13. As a result, threat actors were able to unlawfully access some of Gryphon’s protected health and personal data.
An unauthorized actor may have gained access to specific files and data containing patient information for whom Gryphon offers medical billing services as a result of this third-party security incident.
According to the warning, “Gryphon then initiated a thorough examination of all potentially impacted files to verify the people and data involved, which ended on September 3, 2024.”
According to the investigation, the incident compromised sensitive personal data of Gryphon’s patients, including their names, birth dates, addresses, Social Security numbers, dates of service, diagnosis information, health insurance information, medical treatment information, prescription information, provider information, and medical record numbers.
The data security breach affected at least 393,358 people, according to Gryphon’s filing with the Maine state regulator.
“As soon as Gryphon learned about this incident, Gryphon took the necessary actions and put policies in place to improve security and reduce the likelihood that a similar incident would happen again,” the billing provider stated.
Despite finding no indication that the compromised data was being misused, it advised all impacted parties to keep a close eye on their credit reports, account and benefit statements, and to report any suspicious activity to law enforcement, including the state attorney general and police.
Additionally, Gryphon has provided all impacted individuals with a complimentary one-year subscription to IDX’s identity protection and credit monitoring services.