So it appears that Bizmatics, Inc. has continued notifying entities of their 2015 breach. I stumbled across this one today from Arkansas Spine and Pain.
We have been notified by our electronic medical record vendor, Bizmatics, that cyber intruders may have installed malware on their system. Bizmatics learned of the intrusion in late 2015, however, we were notified on May 12, 2016 that our patient records were located on one of the Bizmatics servers that were affected. Bizmatics is unable to tell us whether any of our patient records have actually been accessed by any unauthorized individual. However, in an abundance of caution, we have notified all of our patients of this possibility. The Bizmatics server that houses our patient medical records and that was potentially affected by this breach contains patient names, addresses, date of birth, insurance information, social security number and clinical documentation. Again, we do not know that any of our patients’ information has been accessed. To learn how to protect yourself against identity theft, you may consult the Arkansas Attorney General’s website, which is accessible at: www.arkansasag.gov/programs/consumer-protection/my-identity
We sincerely regret that this incident occurred and we have been notified by Bizmatics that they are taking steps to further strengthen its defenses against cyberattacks, including hardening its firewall and network configurations. We have also been assured by Bizmatics that they are committed to ensuring its systems are as secure as they can be in our current environment. If you have any questions or would like additional information, please contact Mr. Ithakar Pathan at 501-227-0184, ext. 130.
This incident is not yet up on HHS’s public breach tool, so the number being notified is not known, but I’ll update this when we do get a number.
But if they were first notified in May and they allude to “servers” (plural), I wonder how many more covered entities we have yet to find out about.
Update: This was reported to HHS as affecting 17, 100.