Update of May 22: R&B Corporation of Virginia d/b/a Credit Control Corporation reported the incident to HHS on May 13 as affecting even more people than had been reported to Maine. They reported 345,523 patients were affected.
Nicole Livas reports:
A security breach of patient accounts may have put your private information at risk. Credit Control Corporation (C-C-C) says the hack impacts debt collection accounts for local hospitals and doctor’s offices. The agency syas it became aware of unusual activity on March 7th, and an investigation started soon after. The discovery revealed certain files were copied from C-C-C’s network as part of a cyber-attack that happened between March 2 and March 7.
Read more at 13News
According to C-C-C, the firm is providing notice on behalf of:
multiple entities, including Sentara Health System, Riverside Health System, UVA Health System, Bayview Physicians Group, Pariser Dermatology Specialists, Inc, Valley Health System, Dominion Pathology Laboratories, Chesapeake Radiology, Children’s Hospital of the King’s Daughters Health System and its Affiliates, VCU Health System, Chesapeake Regional Medical Center, Mary Washington Healthcare, and Tidewater Physicians Multispecialty Group.
The incident was reported to the Maine Attorney General’s Office as impacting 286,699 people, of whom 20 were Maine residents. The data owners for the 20 Maine residents were listed in an exhibit submitted to the state as:
- Atlantic Orthopaedic Specialists 1
- Chesapeake Radiology 1
- Children’s Specialty Group 2
- Dominion Pathology Laboratory 1
- Emergency Physicians Of Tidewater 3
- Mary Washington Healthcare 2
- Medical Center Radiology 2
- Riverside Health System 3
- Sentara Health System 13
- Valley Health System 2
C-C-C’s notification to the state and to those affected is silent on the question of whether there was any extortion or ransom demand made. DataBreaches has sent an email inquiry to C-C-C asking specifically about that point but no reply was immediately available. Check back for any updates.