A massive data theft has hit the company Perry Johnson & Associates, engaged in services related to the transcription of medical documents. According to the reconstructions of the case, information concerning more than 8.95 million people.
The cyber attack against the company apparently occurred last March, although the fact was only made public a few days ago.
According to PJ&A’s data breach disclosure, the stolen data includes generic information (such as name, surname, data of birth, address) and others more specific from a medical point of view, such as diagnosis e medical recordsplus a few social security numbers e insurance data.
At present, the Nevada-based company did not want to reveal what strategy was implemented by the cybercriminals to carry out the attack.
American healthcare and data theft: in the last year, confidential information has been stolen from millions of patients
At present, two PJ&A customers have so far come forward to confirm the breach of their patient data. One of them is Northwell Healththe largest health system in New York State.
The organisation, among other things, has already been the victim of a similar case during this year, even if in that case the attack had unwillingly involved another company, namely Nuance Communications.
According to the data breach portal of the Department of Health and Human Serviceswhose data dates back to 2020, the PJ&A data breach is second in size only to the data theft of 11 million people immediately from HCA Healthcare earlier this year.
On the other hand, attacks on this sector are certainly nothing new. Just think of the work of ransomware Blacksuit and to the many reports of data theft in the states and beyond.