Five Rivers Health Centers, a healthcare provider based in Ohio, has notified over 155,000 patients that some of their protected health information may have been compromised in a security breach incident. The patients’ personal data was stored in email accounts that may have been accessed during a phishing attack.
It is still unclear when the Five Rivers Health breach was discovered, but a third-party cyberattack team confirmed on March 31, 2021, that breached email accounts contained patients’ healthcare data. The email accounts were breached between April 2020, and June 2020, though the Five Rivers Health data breach notification letters were sent to victims more than a year after the email accounts were breached. The types of protected health information in the emails and attachments may have included:
- Name
- Address
- Date of birth
- Medical record number
- Patient account number
- Diagnoses & treatments
- Lab test reports
- Provider name
- Dates of service
- Treatment cost information
- Prescription information
- Health insurance information
- Medicaid or Medicare numbers
- Financial account number
- Payment card numbers
- Driver’s license number
- State identification number
- Social Security number
The Lyon Firm has experience filing class action data breach claims on behalf of plaintiffs nationwide. Call for a free consultation, to discuss your data theft case or to join an existing class action.