DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

SC: Patients of Milestone Family Medicine notified of data breach

Posted on March 1, 2019 by Dissent

Liv Osby reports:

Patients of a Bon Secours St. Francis Health System medical practice are being notified that their personal information may be at risk after a data breach at the practice.

On Jan. 4, officials learned that an unauthorized person had gained access to some systems at Milestone Family Medicine in Greenville, St. Francis said in a statement issued late Friday afternoon.

An investigation was launched and steps were taken to secure the account, according to the statement.

Officials determined that patient information may have included names, dates of birth, Social Security numbers, addresses, health insurance company, and other information related to care provided at Milestone Family Medicine.

Read more on Greenville Online.  The following is the text of a notice on Bon Secours St. Francis web site:

St. Francis Physician Services previously employed the physicians at Milestone Family Medicine. St. Francis Physician Services is fully committed to maintaining the privacy and security of its patients’ information. Regrettably this notice regards an incident that may have involved some of that information.

On January 4, 2019, we learned that an unauthorized individual gained access to some systems at Milestone Family Medicine. We immediately took steps to secure the systems and began an investigation. We retained a third party forensic firm to assist us in that investigation. We determined that some patients’ information was contained on one of the servers and may have included patients’ names, dates of birth, addresses, health insurance company, social security number and information related to care received at Milestone Family Medicine.

We have no indication that any patient information has been misused in any way. We are mailing notification letters to affected patients and providing complimentary credit monitoring and identity protection services to those patients whose social security number was on the affected system. We recommend affected patients review the statements they receive from their health care providers. If there are charges for services they did not receive, they should contact the provider.

We deeply regret any concern this may cause. To help prevent something like this from happening in the future, we are enhancing technology management and information security risk oversight. If any patients have questions, please call 1-877-239-1255, Monday through Friday, 9 a.m. to 9 p.m. Eastern Time.

DataBreaches.net reached out to BSHI for clarification on a  few points. Although they did not answer the question as to how many patients were being notified,  they did explain that Milestone is no longer affiliated with St. Francis Physician Services, “so we cannot comment on anything they are currently doing or any protocols that have been or will be put into place in regards to their health record systems.”

In response to a question about how the attack occurred, the spokesperson responded,

These attacks targeted electronic health record systems that allowed remote user access to the internet. Any internet connections for systems not actively used to support patient care have been shut down to avoid further malicious activity.

Related posts:

  • Bon Secours Notifying Patients of Information Security Breach
  • Bon Secours notifies 655,000 patients that vendor error exposed patient info on Internet
  • UW Medicine notifying 974,000 patients whose information was exposed online in December
  • Commentary: Paternalism — and protectionism — rears its ugly head
Category: Health Data

Post navigation

← OH: Aurora City Schools investigating ‘sophisticated’ financial cyber-security breach
BambooHR discloses breach involving TraxPayroll →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Swiss Health Foundation Radix Hit by Cyberattack Affecting Federal Data
  • Russian hackers get 7 and 5 years in prison for large-scale cyber attacks with ransomware, over 60 million euros in bitcoins seized
  • Bolton Walk-In Clinic patient data leak locked down (finally!)
  • 50 Customers of French Bank Hit by Insider SIM Swap Scam
  • Ontario health agency atHome ordered to inform 200,000 patients of March data breach
  • Fact-Checking Claims By Cybernews: The 16 Billion Record Data Breach That Wasn’t
  • Horizon Healthcare RCM discloses ransomware attack in December
  • Disgruntled IT Worker Jailed for Cyber Attack, Huddersfield
  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Texas Centers for Infectious Disease Associates Notifies Individuals of Data Breach in 2024

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The Trump administration is building a national citizenship data system
  • Supreme Court Decision on Age Verification Tramples Free Speech and Undermines Privacy
  • New Jersey Issues Draft Privacy Regulations: The New
  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.