Email Account Breach at Payment Processing Vendor Impacts 3 Healthcare Providers

Provider Health Services in Lafayette, LA, Arkansas Methodist Medical Center in Paragould, and lntelliRad Imaging in Miami, FL have reported that they were impacted by an email security breach that occurred in one of their business associates.

IBERIABANK provides the three entities with a lockbox service collecting and processing payments. IBERIABANK partners with Technology Management Resources, Inc. (TMR) as its third‐party lockbox service provider that captures and processes payment information for the lockbox. TMR found out on July 3, 2020 that an unauthorized person accessed an employee’s email account and potentially viewed or exfiltrated images that contain protected health information (PHI).

TMR informed impacted clients on August 21, 2020 and affirmed that the hacker most likely viewed pictures of checks and various images that had PHI inside the TMR’s iRemit application. The threat actor accessed the images from August 5, 2018 to May 31, 2020, with the majority of the activity occurring from February 2020 to May 2020.

In the substitute breach notice of Provider Health Services, it stated that the PHI possibly viewed included names, addresses, several medical data, and Social Security numbers.

Arkansas Methodist Medical Center reported that aside from the above information, the following data were potentially compromised: checking account numbers and routing numbers indicated on personal checks and data given together with payments for instance AMMC account numbers.

lntelliRad imaging confirmed that the potentially compromised information included patient names, addresses, bank account and routing number, Social Security numbers, diagnosis and treatment details, test results, medical insurance data, and other data associated to patient health care.

After the breach occurred, TMR took various steps to avert more breaches. Extra firewall protocols were implemented to carefully manage the iRemit web page access. Access from other countries was also restricted.

The email security breach affected 4,916 patients from Arkansas Methodist Medical Center, 1,700 patients from Provider Health Services, and said 1,862 patients from lntelliRad imaging.