More than 2.2 million patients across almost 120 pediatric physician practices and practice groups in the U.S. may have had their data compromised by a breach at pediatric health IT vendor Connexin Software in August, according to HealthITSecurity.
After infiltrating Connexin’s internal network, threat actors obtained access to and removed some parts of a patient dataset available online that has been leveraged for data conversion and troubleshooting purposes, said Connexin in a data breach notification letter sent to impacted individuals.
Pediatric patients’ demographic data, treatment details, Social Security numbers, health insurance information, and billing and claims data may have been affected by the incident, which may have also impacted data from parents, guardians, and guarantors, but Connexin emphasized that its live electronic record system, as well as physician practices’ systems, medical records systems, and databases, were not affected.
Meanwhile, health insurance agency CCA Health California disclosed that 14,631 individuals had their data potentially compromised by the breach at the former Vitality Health Plan of California, which it now owns.