As if colonoscopies weren’t invasive enough, nearly a quarter-million patients who underwent an intestinal probe since 2019 now must grapple with a data breach tied to a hacking incident at a third-party vendor to gastroenterologists.
Kansas-based Captify Health is notifying approximately 244,300 patients that their payment card and other personal information may have been compromised in a data security incident that started as far as back as 2019 involving its colonoscopy prep kit online retail business.
A company breach notification filed with Maine’s attorney general says the Captify Health online retail service Your Patient Advisor suffered a “malicious code” incident that persisted for more than three years, from May 26, 2019, to April 20, 2022.
The company says it received notice in March 2021 of fraudulent use of consumer credit cards related to its payment card environment. An investigation into the matter concluded Oct. 12, 2022, with a determination that a breach did occur.
Captify Health did not immediately respond to Information Security Media Group’s request for additional details.
Affected information includes full name, address, payment card number, expiration date and payment card security code, the company says.