BleepingComputer reports that telehealth platform ConnectOnCall, a subsidiary of healthcare software-as-a-service firm Phreesia, had the protected health information of 914,138 individuals stolen following unauthorized access to the app between February and May.
Aside from names and phone numbers, other information compromised as a result of the data breach may have also included birthdates, medical record numbers, details regarding health conditions, prescriptions, and treatments, and some Social Security numbers, said ConnectOnCall in a statement, which also noted the ongoing restoration of impacted systems in a more protected environment. Meanwhile, Phreesia emphasized the separation of the ConnectOnCall service from its other platforms, which have not been impacted by the breach. "Based on our investigation to date, there is no evidence that our other services have been affected. We understand the importance of this service to our clients' business, and we are working to restore the ConnectOnCall service as quickly as possible," said Phreesia.
