The information of over 300,000 Presbyterian Healthcare Services patients was compromised as a result of a data breach at law firm Thompson Coburn.
In a recent data security incident notice, Thompson Coburn said it had detected unauthorized activity on its network on May 29.
An investigation showed that files containing protected health information belonging to patients of its client, Presbyterian Healthcare Services, had been viewed or taken.
Presbyterian is a New Mexico-based nonprofit healthcare organization that operates several hospitals. According to its LinkedIn page, its health plan serves more than 580,000 members.
The compromised information includes name, Social Security Number, date of birth, medical record number, patient account number, prescription or treatment information, medical provider information, clinical data, and health insurance information.
Impacted individuals are being notified and offered free credit monitoring and identity theft protection services, although Thompson Coburn says there is no indication of identity theft or fraud related to the incident.
The law firm has not shared any additional information on the cyberattack. No known ransomware group appears to have taken credit for the attack.
Thompson Coburn informed the US Department of Health and Human Services that 305,088 individuals are impacted by the incident.
It’s unclear if other Thompson Coburn customers are also impacted by the breach, but the law firm has set up a dedicated notification website that only mentions Presbyterian Healthcare Services at the time of writing.
Related: Ransomware Attack Disrupts Georgia Hospital’s Access to Health Records
Related: Mystic Valley Elder Services Data Breach Impacts 87,000 People
Related: Change Healthcare Ransomware Attack Impacts 100 Million People
Related: OnePoint Patient Care Data Breach Impacts Nearly 800,000 People