By HFT Staff

Palomar Health Medical Group (PHMG), on behalf of itself and its affiliates, Graybill Medical Group, Inc. and Pacific Accountable Care, LLC, recently became aware of an incident that may have impacted the privacy of information related to certain individuals. PHMG’s investigation is ongoing, and it cannot determine the specific individuals and information that may have been impacted by the incident. However, PHMG is unaware of any actual or attempted misuse of information about the incident. PHMG will provide more information as it continues its investigation and learns more, but in the meantime it is providing all patients with this notice to share information known about the incident and steps they may take.  

On or around May 5, 2024, PHMG identified suspicious activity on certain computer systems within its network. PHMG immediately launched an investigation to determine the nature and scope of the activity. The investigation is ongoing but has found that an unauthorized actor gained access to certain files within PHMG’s network from April 23, 2024, to May 5, 2024, and may have copied those files. Additionally, this incident may have caused certain files to become unrecoverable. However, PHMG is continuing its efforts to restore all files and identify the specific individuals and information that may have been impacted so it can provide individualized notice with additional information when its investigation is complete.  

PHMG’s investigation is ongoing, and it cannot identify the specific individuals and information that may have been impacted. The categories of information that may be affected will vary by individual, but based on PHMG’s best assessment at this time the categories of information could include name, address, date of birth, Social Security number, medical history information, disability information, diagnostic information, treatment information, prescription information, physician information, medical record number, health insurance information, subscriber number, health insurance group/plan number, credit/debit card number, security code/PIN number, expiration date, email address and password, and username and password.