BLOG: US Eye Clinic Suffers Data Breach Impacting 92,000 Patients

A healthcare clinic based in Missouri has informed US regulators of a data breach incident affecting more than 90,000 individuals. The clinic, Mattax Neu Prater Eye Center announced the breach at the end of June, however, the incident took place in December 2021.

HIPAA has alleged that, 92,361 individuals were impacted by the breach. Mattax Neu Prater aid that the “third-party data security incident” may have resulted in unauthorized access to the sensitive personal information of .some patients.

The incident concerns the electronic medical records platform myCare Integrity, which is owned by the practice performance company Eye Care Leaders. According to Eye Care Leaders, on or around December 4, 2021, an unauthorized party accessed myCare Integrity data and deleted databases and system configuration files.

After discovering the suspicious activity, Eye Care Leaders said its incident response team immediately stopped the unauthorized access and began investigating. The clinic is adamant that there is no evidence that the incident involved unauthorized access to any of Mattax Neu Prater’s patient records and that the unauthorized access was not specific to Mattax Neu Prater, but affected eye practices across the country.

The clinic also added, “this data security incident occurred entirely within Eye Care Leaders’ network environment, and there were no other remedial actions available to Mattax Neu Prater.” Alongside “However, a lack of available forensic evidence prevented Eye Care Leaders from ruling out the possibility that some protected health information and personally identifiable information may have been exposed to the bad actor.”

Mattax Neu Prater said it does not have any evidence of identity theft as a result of the incident but has informed anyone who might be impacted via postal mail. There seems to be a rise in data breaches across the country.