DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

WI: EVERSANA reports breach of protected health information that occurred in 2019

Posted on April 8, 2020 by Dissent

EVERSANA, a global commercial services provider to healthcare entities, has disclosed a data breach that occurred between between April 1 and July 3, 2019.  The breach reportedly affected patient data stored in a legacy technology environment, which has since been updated.

According to their notification, “Upon notification of unusual email activity, the firm immediately conducted a comprehensive review and confirmed that certain EVERSANA accounts were subject to unauthorized access through a legacy technology environment, which has since been updated, between April 1 and July 3, 2019.”

But when were they first notified of unusual email activity? And how were they notified? Was this discovered internally or did some external party contact them? And how many patients were impacted?

Eversana reports that they completed their investigation on or around February 7, 2020 and determined the types of information that were potentially accessible:

The types of information potentially accessible may include name, address, social security information, driver’s license/state identification number, passport number, tax identification number, financial account information, debit/credit card information, username and password, health information, treatment information, diagnosis, provider name, MRN/patient ID number, Medicare/Medicaid number, health insurance information, treatment cost information, and/or prescription information.

EVERSANA claims that they currently have no evidence that personal information was subject to actual or attempted misuse.

DataBreaches.net sent an inquiry as to when they first discovered unusual activity and how many patients are being notified, but no reply was received by publication time.  One of the queries concerned whether they are considered a business associate under HIPAA and whether they are reporting this incident to HHS/OCR.

This post will be updated if more information is received.

 

No related posts.

Category: Breach IncidentsHackHealth DataU.S.

Post navigation

← Vianet’s customer data compromised with latest leaks
Maropost takes your privacy and security…. →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Alert: Scattered Spider has added North American airline and transportation organizations to their target list
  • Northern Light Health patients affected by security incident at Compumedics; 10 healthcare entities affected
  • Privacy commissioner reviewing reported Ontario Health atHome data breach
  • CMS warns Medicare providers of fraud scheme
  • Ex-student charged with wave of cyber attacks on Sydney uni
  • Detaining Hackers Before the Crime? Tamil Nadu’s Supreme Court Approves Preventive Custody for Cyber Offenders
  • Potential Cyberattack Scrambles Columbia University Computer Systems
  • 222,000 customer records allegedly from Manhattan Parking Group leaked
  • Breaches have consequences (sometimes) (1)
  • Kansas City Man Pleads Guilty for Hacking a Non-Profit

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina
  • European Commission publishes its plan to enable more effective law enforcement access to data
  • Sacred Secrets: The Biblical Case for Privacy and Data Protection
  • Microsoft’s Departing Privacy Chief Calls for Regulator Outreach
  • Nestle USA Settles Suit Over Job-Application Medical Questions

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.