CCM Health Falls Victim to Data Breach

The breach occurred in April 2023.

By HFT Staff


CCM Health learned certain systems within their network environment were affected by a cybersecurity incident that resulted in the unauthorized access to and/or acquisition of certain files from the network, which occurred between April 3, 2023, and April 10, 2023. As soon as they became aware of this issue, they launched an immediate and thorough investigation and alerted law enforcement. 

As part of the investigation, CCM Health engaged leading third-party cybersecurity professionals experienced in handling these types of incidents. The investigation aimed to determine the extent of the activity, and whether individual personal information, if any, may have been accessed or acquired by an unauthorized third party. Upon completing the investigation, they identified the files that were subject to unauthorized access and/or acquisition and they determined the impacted files likely contain sensitive data; including personal information and protected health information. They conducted an extensive manual review of the impacted files to determine the scope of the affected information and to identify the individuals to whom the data belongs.  

On February 12, 2024, CCM Health discovered that some of the files contained individual identifiable personal and/or health information. The potentially affected data includes individual names, addresses, dates of birth, driver’s license or other state identification numbers, passport numbers, Social Security numbers, financial account numbers, routing numbers, payment card numbers, health insurance information and medical information. If medical information was involved, this may include a medical record number, patient account number, prescription information, healthcare provider’s name, medical diagnosis, diagnosis code, treatment type, treatment location, treatment date, admission date, discharge date and/or lab results.  

This is not an exhaustive list, nor can CCM Health confirm that each data element was affected as it relates to all affected individuals. They began notifying affected individuals via U.S. mail and will offer complementary credit monitoring services to those whose Social Security numbers were involved. 

CCM Health reminds individuals to remain vigilant in reviewing financial account statements regularly for any fraudulent activity. They also recommend that patients and their families review the explanation of benefits statements and follow up on any items not recognized. 



March 21, 2024


Topic Area: Information Technology , Security


Recent Posts

Site Selection Mistakes: What Not To Do

Healthcare providers that treat site selection as a strategic decision, not a simple real estate deal, will be positioned for long-term success.


High-Performance EFCO Systems Shape MUSC's New Black River Medical Center

Case study: A sweeping curved-glass entrance, impact-resistant envelope and energy-efficient fenestration support a sustainable, resilient design for one of South Carolina’s newest rural hospitals.


Heritage Valley Health System to Officially Affiliate with Alleghany Health Network

With the affiliation now complete, Heritage Valley Beaver and Heritage Valley Sewickley will be rebranded.


The Impact of Acoustics on Patient Privacy

As healthcare facilities evolve toward more open and flexible care environments, acoustic privacy has become essential.


Texas Behavioral Health Center in Dallas Opens with Ribon-Cutting Ceremony

The 456,265-square-foot facility offers a variety of therapeutic, recreational and social spaces that prepare patients for life outside the hospital.


 
 


FREE Newsletter Signup Form

News & Updates | Webcast Alerts
Building Technologies | & More!

 
 
 


All fields are required. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

 
 
 
 

Healthcare Facilities Today membership includes free email newsletters from our facility-industry brands.

Facebook   Twitter   LinkedIn   Posts

Copyright © 2023 TradePress. All rights reserved.