Well, I thought maybe the Prestera press release might be the last one of the year for my December PHI breach tracking purposes, but then I found this one. Mattapan Community Health Center in Massachusetts published this press release on December 31, too:
MATTAPAN, Mass., Dec. 31, 2020 /PRNewswire/ — Mattapan Community Health Center (“MCHC”) is providing notice of an incident involving potential unauthorized access to personal information. To date, MCHC has not received any reports that personal information has been misused as a result of this incident.
On October 16, 2020 MCHC discovered unusual activity in an employee email account and immediately launched an investigation with the assistance of a third-party computer forensic investigator to determine the full nature and scope of what occurred. Through this investigation, on October 29, 2020, MCHC determined that an unknown actor gained access to a certain MCHC employee email account between July 28, 2020 and October 15, 2020.
The contents of the impacted email account was next reviewed through a manual and programmatic process to determine what sensitive data may have been accessible. MCHC then confirmed the identities of the individuals who may have had information accessible as a result of the incident and launched a review of MCHC files to ascertain address information for the impacted individuals.
The confidentiality, privacy, and security of information is one of MCHC’s highest priorities. Immediately after learning of the incident, MCHC launched an investigation to determine the full nature and scope of what occurred. The information impacted varies by individual, however the investigation determined the following type of information was contained in the email account: name, Social Security number, medical diagnosis and treatment information, provider information, health insurance information and/or medical record number (MRN). MCHC also implemented additional security measures to further protect information.
Although MCHC is unaware of any actual or attempted misuse of any information, it is providing notice of this incident out of an abundance of caution. MCHC is in the process of preparing written, mailed notice to all potentially impacted individuals. MCHC also encourages individuals who believe they may be impacted by this incident to contact our dedicated assistance line at 1-800-340-1781 from 9:00 a.m. – 9:00 p.m. Eastern Time, Monday through Friday.
Please visit the MCHC website at https://www.mattapanchc.org/ for more information. Potentially affected individuals may also consider the information and resources outlined below.
The complete press release can be found here.