ConnectOnCall is notifying more than 900,000 individuals that their personal information and medical information was compromised in a data breach earlier this year.
A digital, on-call answering solution, ConnectOnCall enables healthcare providers to manage after-hour calls and simplify patient communication and care coordination.
The newly disclosed incident, the company says, was discovered on May 12, and impacted information related to the communication between patients and healthcare providers that use its service.
The potentially compromised information includes names, phone numbers, and may also include dates of birth, Social Security numbers, medical record numbers, and health, treatment, and prescription information.
According to ConnectOnCall, an unknown threat actor gained access to its service and to the data within the application on February 16, 2024, and lingered in the system until May 12, 2024.
“ConnectOnCall engaged external cybersecurity specialists to determine the full nature and scope of the incident, identify any impacted information, and help it enhance its security controls to mitigate the risk of future security incidents,” the company says.
ConnectOnCall notified law enforcement, immediately took the service offline, and has been working on restoring it in a more secure environment.
Last week, the company started sending written letters to the impacted individuals for whom a mailing address was available, to notify them of the incident. Those who had their Social Security numbers compromised have been provided with free identity and credit monitoring services.
“While ConnectOnCall is not aware of any misuse of personal information or harm to patients as a result of this incident, potentially impacted individuals are encouraged to remain vigilant and report any suspected identity theft or fraud to your health plan or insurer, or financial institution,” the company says.
ConnectOnCall told the US Department of Health and Human Services that 914,138 individuals were affected by the data breach.
Related: Hackers Possibly Stole Personal Data From Bitcoin ATM Operator Byte Federal
Related: 446,000 Impacted by Center for Vein Restoration Data Breach
Related: Contract Tracing Breach Impacts Private Info of 72K People
Related: Someone Is Hacking Cybercrime Forums and Leaking User Data
