Jump to content
  • AdSense Advertisement


  • AdSense Advertisement


  • AdSense Advertisement


  • Uncrowned Guard
    Uncrowned Guard

    Massive Data Breach Hits Healthcare’s ConnectOnCall, Exposing Sensitive Patient Information

      TL;DR: ConnectOnCall, a subsidiary of Phreesia, experienced a significant data breach, potentially compromising the personal and medical information of nearly a million individuals. The breach, reported in May 2024, involved sensitive data including health conditions, treatments, and Social Security numbers. It was the 14th largest healthcare sector breach that year. The breach was discovered on May 12, 2024, revealing unauthorized access from February 16 to May 12, 2024. ConnectOnCall took immediate steps, engaging cybersecurity experts and notifying federal authorities. Affected individuals were informed and offered identity protection services. Customers are advised to stay vigilant for any signs of identity theft or fraud.

    ConnectOnCall Faces Large-scale Data Breach

    Nearly a million people may have had their confidential personal and medical data swiped from ConnectOnCall's systems, courtesy of a data breach reported in May. ConnectOnCall, a subsidiary of Phreesia, is a digital answering service purveyor facilitating healthcare providers to manage patient calls after office hours.

    The Personal and Health Data Compromise

    Escalating the severity of the breach is a broad spectrum of information, ranging from basic patient details such as names, phone numbers, and dates of birth, to more sensitive data including health conditions, treatments, prescriptions, and in some instances, Social Security numbers. This information is typically conveyed between patients and doctors who took advantage of ConnectOnCall's services.

    Although Phreesia refrained from specifying a headcount, the U.S. Department of Health and Human Services was informed that 914,138 individuals were being alerted about the potential theft of their information. According to the official data breach statistics, the intrusion at ConnectOnCall was the healthcare sector's 14th largest data violation in 2024.

    Announcement of the Security Incident and Subsequent Actions

    The security breach came to light on May 12, 2024, when ConnectOnCall realized an issue affecting its service. Swift action followed as an immediate investigation was launched to resolve the issue and gauge its extent, while steps to secure their product and overall surroundings were taken. The findings unveiled that an unidentified external entity had access to the application and patient-provider communications data from February 16 through May 12, 2024.

    To fully comprehend the incident's magnitude and affected information, ConnectOnCall brought external cybersecurity experts on board. Simultaneously, measures were being implemented to enhance their security controls to deter future breaches. Following the detection of the breach, the ConnectOnCall service was taken offline and a phased restoration plan was put into motion in a reinforced secure environment. Federal law enforcement was also informed of the incident.

    Potential victims of this breach, albeit ConnectOnCall has no knowledge of any misuse of the pilfered information or harm caused to patients, are urged to stay cautious and report any suspicious identity theft or fraudulent activity to their health plan, insurer, or financial institution.

    On December 11, 2024, ConnectOnCall mailed notification letters to the current addresses provided by the compromised healthcare providers of all potentially impacted individuals. The letters contained details of the incident alongside an offer for identity and credit monitoring services through Kroll. Affected individuals were specifically targeted when Social Security numbers were involved.

    Individuals seeking further information about this incident can call ConnectOnCall toll-free at (866) 997-4596, available Monday through Friday from 8:00 a.m. to 5:30 p.m. Central Time.


    Image Credit: Photo by Antoni Shkraba: https://www.pexels.com/photo/doctor-using-her-smartphone-near-the-green-plants-5214993/

    Todd "Uncrowned Guard" Badman is an avid tech enthusiast with a deep passion for consumer technology, especially home servers and self-hosted solutions. With extensive experience in setting up and managing personal tech environments, Todd is dedicated to empowering users to take control of their digital lives. He strives to provide clear, unbiased information to help others navigate the ever-evolving world of technology with confidence and ease.

    Email Todd | Visit Profile | Direct Message

    User Feedback

    Recommended Comments

    There are no comments to display.



    Create an account or sign in to comment

    You need to be a member in order to leave a comment

    Create an account

    Sign up for a new account in our community. It's easy!

    Register a new account

    Sign in

    Already have an account? Sign in here.

    Sign In Now

  • News Categories

  • AdSense Advertisement


  • AdSense Advertisement


  • AdSense Advertisement


×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.