SAN DIEGO (KGTV) — Palomar Health Medical Group is sharing information that may have been compromised in a cyberattack that crippled the organization’s daily operations.
It is a long list that includes patients’ names, addresses, Social Security numbers, medical histories, and prescription information.
In an email sent late Wednesday night before July 4, a marketing firm representing Palomar said an “unauthorized actor” had access to certain files on the Palomar network from April 23 to May 5 and may have copied files.
According to a statement from marketing group InnoVision, the incident may have rendered some files unrecoverable.
“They remained silent”
Since the attack, patients have told Team 10 they have been unable to refill prescriptions or make doctor appointments. Doctors have limited access to patient records, and phone lines and computer systems remain down.
“It would have been nice if they had let us know,” said Patricia Ryan, a Palomar patient who said last month she nearly ran out of blood pressure medication after being unable to get a refill.
Ryan was unaware of the list of potentially compromised information until Team 10 called him on Thursday.
The list includes disability and diagnosis information, health insurance information, emails, credit and debit card numbers, and PINs and passwords.
“We didn’t hear anything. They stayed silent,” Ryan said.
Law enforcement has been informed
Palomar said it takes the privacy, confidentiality and security of the information in its care very seriously, in a statement provided by InnoVision.
“Upon discovery of the incident, PHMG began a thorough investigation to confirm the nature and scope of the incident and the information involved, and took prompt action to ensure the security of its network environment,” the statement said. “PHMG also notified law enforcement and will continue to evaluate its policies and procedures related to data privacy and security.”
Palomar said it encourages patients to remain vigilant about identity theft and fraud and encourages customers to review their bank and credit card statements and report any suspicious activity.
Customers with questions about the incident can call 888-829-5736 Monday through Friday from 9 a.m. to 9 p.m.
RELATED ARTICLES:
