New Mexico-based nonprofit Presbyterian Healthcare Services had 305,088 patients' protected health information stolen after its law firm Thompson Coburn was compromised in late May, reports SecurityWeek.
Included in the data exfiltrated from Thompson Coburn's systems were individuals' names, birthdates, Social Security numbers, medical record and patient account numbers, treatment or prescription details, clinical information, medical provider details, and health insurance information, said the law firm in a disclosure to the Department of Health and Human Services. Additional details regarding the incident have not been provided by Thompson Coburn, which only noted the absence of evidence suggesting illicit use of the stolen data as it provided impacted individuals with complimentary credit monitoring and identity theft protection services. Whether other organizations have been impacted by the third-party breach, which has not yet been claimed by any ransomware operation, remains to be seen.
