We’re still learning of other Bizmatics clients who were notified that their patient data may have been acquired by criminals. Lifewellness Institute in California notified HHS this month that they had notified 2,473 of their patients of the incident.
In a letter to their patients, a copy of which was kindly provided to DataBreaches.net by Lifewellness Institute, they write:
Based on information provided to us by Bizmatics, in 2015 cyber intruders installed malware into PrognoCIS. It was not discovered by Bizmatics until the end of 2015. On March 30, 2016, our office was notified by Bizmatics that our patient files were on the server accessed by the cyber-intruders. Bizmatics worked with law enforcement and a cyber-security firm on the matter but has been unable to conclude whether or not your information was actually viewed or acquired. The information stored in the server accessed by the unauthorized users includes, but is not limited to, the following: name, address, phone number, birth date, marital status, Social Security number, insurance information, as well as the charted medical history.
It is always advisable to closely monitor all accounts and credit information. Because of this concern, our office has arranged for you to receive, should you so desire, free credit monitoring for one year. We urge you to utilize this service through Equifax Personal Solutions to help you protect your identity and your credit information.
Lifewellness Institute is the second entity we know of to report the Bizmatics breach to HHS this month. There are other entities for whom we have no information as yet, but may also have been impacted. Bizmatics has never responded to inquiries from this site or other media outlets.