By HFT Staff

Prospect Medical Holdings Inc. experienced a data security incident that involved information pertaining to certain patients. This notice explains the incident, measures that have been taken and some steps patients can take in response. 

On August 1, 2023, Prospect Medical learned of a data security incident that disrupted the operations of some of their IT systems. They immediately took steps to secure their systems, contain the incident and notify law enforcement. Additionally, a third-party forensic investigation firm was engaged to conduct an investigation.  

Through their ongoing investigation, Prospect Medical determined that an unauthorized party gained access to their IT network between the dates of July 31, 2023, and August 3, 2023. While in their IT network, the unauthorized party accessed and/or acquired files that contain information pertaining to certain Prospect Medical patients affiliated with the following facilities: Southern California Hospital at Culver City, Southern California Hospital at Hollywood, Southern California Hospital at Van Nuys, Los Angeles Community Hospital, Los Angeles Community Hospital at Norwalk, Los Angeles Community Hospital at Bellflower and Foothill Regional Medical Center. The information varied by patient but could have included names, addresses, dates of birth, diagnosis, lab results, medications, and other treatment information, health insurance information, provider / facility name, dates of treatment and financial information. For some patients, this information may have included their Social Security and/or driver’s license numbers.  

On September 29, 2023, Prospect Medical began mailing letters to patients whose information may have been involved in the incident. Patients whose Social Security and/or driver’s license numbers are involved are being offered complimentary credit monitoring and identity protection services. In addition, Prospect Medical established a dedicated, toll-free incident response line to answer questions that individuals may have. 

For patients whose information was involved in the incident, Prospect Medical recommends reviewing the statements received from healthcare providers and contacting the relevant provider immediately if they see services that they did not receive.  

To help prevent something like this from happening again, Prospect Medical has implemented additional safeguards and technical security measures to further protect and monitor their systems.