Unauthorized access to New Hanover, Columbus county healthcare databases may have involved personal information

Unauthorized access to New Hanover, Columbus county healthcare databases may have involved personal information
AccuDoc Solutions Inc. and Atrium Health announced that AccuDoc has been the victim of a cyber incident and that certain databases containing billing information belonging to Atrium Health and its managed locations may have been involved. (Source: WECT).

CHARLOTTE, NC (WECT) - For a week in September, patients at Columbus Regional Health Network and New Hanover Regional Medical Center Physician Group may have had personal information exposed after a cyber incident that affected AccuDoc Solutions Inc. and Atrium Health.

According a news release from AccuDoc and Atrium, databases containing billing information belonging to Atrium Health and its managed locations may have been involved. Multiple forensic experts reviewed AccuDoc's systems and it appears an unauthorized third party gained access to AccuDoc's databases between Sept. 22-29 and Atrium was informed on Oct. 1.

Investigations indicate information was not removed from AccuDoc's systems and Atrium Health's core systems were not involved in this incident. Personal clinical and medical records and bank account, credit and debit card numbers were also not involved in the breach, according to the release.

Information that may have been accessed includes: first and last names, home addresses, dates of birth, insurance policy data, medical record numbers, invoice numbers, account balances, dates of services and Social Security numbers.

"While we are not aware of any misuse, AccuDoc and Atrium Health are contacting patients and guarantors whose information was in the affected databases out of an abundance of caution," AccuDoc and Atrium said in the news release. "Those with Social Security numbers involved in this incident are being offered free credit monitoring and identity protection services."

The databases accessed by the unauthorized third party contained information provided in connection with payment for healthcare services at an Atrium Health location, formerly Carolinas HealthCare System, and at locations managed by Atrium Health including Blue Ridge HealthCare System, Columbus Regional Health Network, NHRMC (New Hanover Regional Medical Center) Physician Group, Scotland Physicians Network and St. Luke’s Physician Network.

Both AccuDoc and Atrium Health have been in contact with the Federal Bureau of Investigation (FBI) about the breach and how to prevent future cyber incidents.

On Monday, WECT reported a single email led to the improper release of information of 158 Wilmington city employees earlier this year.

For questions or additional information, call 1-833-228-5726 Monday through Friday from 9 a.m.-6 p.m.. You can also visit www.krollfraudsolutions.com/accudocincident for a list of frequently asked questions.

Copyright 2018 WECT. All rights reserved.