CCM Health Falls Victim to Data Breach

The breach occurred in April 2023.

By HFT Staff


CCM Health learned certain systems within their network environment were affected by a cybersecurity incident that resulted in the unauthorized access to and/or acquisition of certain files from the network, which occurred between April 3, 2023, and April 10, 2023. As soon as they became aware of this issue, they launched an immediate and thorough investigation and alerted law enforcement. 

As part of the investigation, CCM Health engaged leading third-party cybersecurity professionals experienced in handling these types of incidents. The investigation aimed to determine the extent of the activity, and whether individual personal information, if any, may have been accessed or acquired by an unauthorized third party. Upon completing the investigation, they identified the files that were subject to unauthorized access and/or acquisition and they determined the impacted files likely contain sensitive data; including personal information and protected health information. They conducted an extensive manual review of the impacted files to determine the scope of the affected information and to identify the individuals to whom the data belongs.  

On February 12, 2024, CCM Health discovered that some of the files contained individual identifiable personal and/or health information. The potentially affected data includes individual names, addresses, dates of birth, driver’s license or other state identification numbers, passport numbers, Social Security numbers, financial account numbers, routing numbers, payment card numbers, health insurance information and medical information. If medical information was involved, this may include a medical record number, patient account number, prescription information, healthcare provider’s name, medical diagnosis, diagnosis code, treatment type, treatment location, treatment date, admission date, discharge date and/or lab results.  

This is not an exhaustive list, nor can CCM Health confirm that each data element was affected as it relates to all affected individuals. They began notifying affected individuals via U.S. mail and will offer complementary credit monitoring services to those whose Social Security numbers were involved. 

CCM Health reminds individuals to remain vigilant in reviewing financial account statements regularly for any fraudulent activity. They also recommend that patients and their families review the explanation of benefits statements and follow up on any items not recognized. 



March 21, 2024


Topic Area: Information Technology , Security


Recent Posts

The Future of Backup Power Systems in Healthcare Facilities

Manufacturers discuss what trends are shaping the future of backup power systems in healthcare.


Infection Control is Key to Ongoing Measles Outbreak

Infection control is essential to protecting both patients and staff from contracting measles.


Kaiser Permanente to Open New Parker Medical Offices

It also announced it's in the early stages of planning a rebuild and expansion of its Westminster Medical Offices.


Skanska Completes Renovation for New Sutter Health Care Center

The new facility will provide internal medicine, family medicine, pediatrics, as well as lab and imaging services.


Probiotic Cleaners: The Start of a Cleaning Revolution?

Advantages of probiotic cleaning include fewer resistant genes and cost savings through decreased antibiotic use.


 
 


FREE Newsletter Signup Form

News & Updates | Webcast Alerts
Building Technologies | & More!

 
 
 


All fields are required. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.