On November 18, 2024, PracticeSuite, Inc. informed the Massachusetts Attorney General of a significant data breach affecting the patients of Texan ENT Specialists, PLLC. The breach, which occurred due to unauthorized access to its computer network, compromised a range of sensitive information, including names, Social Security numbers, addresses, dates of birth, phone numbers, email addresses, health insurance details, medical information, and radiological test results. Following the discovery of the incident, PracticeSuite began notifying affected individuals to inform them about the exposure of their personal and medical data.
The breach stemmed from a cybercriminal gaining access to a file containing backup records of Texan ENT Specialists up to March 19, 2024. The unauthorized access was confirmed to have occurred on October 11, 2024. Upon identifying the breach, PracticeSuite initiated a comprehensive investigation to assess the scope of the data compromise. The company has since confirmed that various types of sensitive patient information were exposed, with the specific details varying by individual.
In response to the breach, PracticeSuite promptly began sending out data breach notification letters to the impacted patients on November 18, 2024. These letters were designed to inform patients of the information that had been compromised and provide them with steps to take in order to protect themselves from potential identity theft and fraud. The company also recommended that affected individuals monitor their accounts and take necessary precautions to safeguard their personal data.
PracticeSuite, Inc. is a healthcare software company based in Tampa, Florida, specializing in medical billing solutions and revenue cycle management for healthcare providers. The company’s software is widely used by over 92,000 healthcare professionals, processing billions in claims annually. As of the latest reports, PracticeSuite has approximately 200 employees and generates annual revenue of around $42 million. While the breach has raised significant concern for the affected patients, the company’s swift action to notify individuals aims to mitigate the impact and help patients take steps to protect their identities.
Reference:
