This is a follow-up to a breach reported previously on this blog. As I had deduced, the affected practice was Atlanta Perinatal Associates. The competitor still hasn’t been publicly named, however.
Fran Jeffries reports:
An Atlanta man has been sentenced to serve a year and a month in prison for hacking into a competing medical practice’s computer to try to lure away patients.
Eric McNeal, 38, was charged with accessing a computer without authorization, including taking patients’ personal information in order to send them marketing materials. He pleaded guilty to the charge on Sept. 28.
According to prosecutors, McNeal, an information technology specialist, worked for Atlanta Perinatal Associates, a medical practice in Atlanta. He left that company in November 2009 and went to work for a competing perinatal medical practice in the same building.
In April 2010, McNeal used his home computer to hack into his former employer’s patient database. He downloaded the names, phone numbers and addresses of its patients, and then deleted patient the information from his former employer’s system.
McNeal then used the patient names and contact information to launch a direct-mail marketing campaign to benefit his new employer.
Read more on AJC.
As noted previously, this breach never appeared on HHS’s breach tool, and I’m not sure why as there are several possibilities. Atlanta Perinatal Associates never responded to the e-mail inquiry I had sent them.