Earlier this month, Sharp Healthcare announced that the server that runs its website experienced a data breach on Jan. 12, impacting nearly 63,000 people who paid a bill or invoice using the online bill payment service between Aug. 12, 2021 and Jan. 12, 2023.
“While it varied from person to person, the information contained in the file was limited to patient names, internal Sharp identification numbers and/or invoice numbers, payment amounts, and the names of the Sharp entities receiving the payments,” the health care group said.
Sharp confirms, however, that bank account or credit/payment card information, social security numbers, contact information, health insurance information, dates of birth, clinical information, department name, provider name, or information about the services received, were not exposed. Additionally, Sharp adds that the attack did not penetrate its “FollowMyHealth” patient portal.
Sharp said they “immediately initiated its incident response protocols, which included taking potentially impacted servers offline” when the breach occurred, and sent notification letters to individuals whose information was exposed, according to the health care group.
The company statement also pointed to an upgrade of security tools to its website servers that should “prevent this from happening in the future”.