Mississippi Center for Advanced Medicine reports data breach

Posted: Jun 23, 2021 / 02:30 PM AST

Updated: Jun 23, 2021 / 12:02 PM AST

This is an archived article and the information in the article may be outdated. Please look at the time stamp on the story to see when it was last updated.

JACKSON, Miss. (WJTV) – On Wednesday, leaders with the Mississippi Center for Advanced Medicine (MCAM) announced the organization was affected by a data breach last year. The breach affected MCAM’s internal server that may have included access to the health information of some patients.

According to officials, MCAM was the victim of a ransomware demand in December 2020. They reached out to an information technology consulting company to determine whether a breach had occurred. On April 26, 2021, the company notified MCAM about the data breach to the internal server.

The server contains documentation related to MCAM’s programs and services. Some of the information contained in files on the server was related to MCAM patients and contained potentially identifiable health information.

All of the affected files have been fully secured and we are working diligently through the notification process.
Our investigation into the scope of the incident is ongoing. However, we believe impacted information may include all, or a subset of, the following: certain names, email addresses, phone numbers, home addresses, dates of birth, Social Security numbers, information to process insurance claims, prescription information such as prescription number, prescribing doctor, medication names and dates, medical history, as well as certain clinical services, such as whether an influenza test was ordered. Please note that electronic health record information was not compromised, and no credit or debit card information or other financial information was impacted.
MCAM takes these matters extremely seriously, and the safety of personal information is of upmost importance to us. We have personnel dedicated to investigating this matter to identify precisely the types of information that may have been accessed and the identity of the persons whose information may have been accessed. Our server was secured by a network security company and this breach occurred despite the fact MCAM had in place security measures that were industry standard at the time. Since the incident, we have instituted additional security measures.
We encourage all MCAM patient families to actively monitor personal information and immediately report any fraudulent activity to the proper authorities. If you desire, there are credit monitoring services and fraud alerts available online. We do want to reiterate that we have no reason to believe that your information will be used by the ransomware attackers but we want to make sure that each of you know of our response to the incident. We would also encourage you to avoid clicking on links, downloading attachments from suspicious emails, and to be cautious of any unsolicited communications that ask for your personal information.
MCAM

MCAM officials said patients can contact their office with any additional questions via any of the following: