Data breach impacts up to 203K CoxHealth patients

A data breach earlier this year may have impacted up to 203,000 CoxHealth patients, officials with the health system say.

Intellihartx LLC, a CoxHealth billing vendor, in February discovered its secure file transfer protocol provider, Fortra, was subject to a data breach through its GoAnywhere application, according to a statement from the health system. The breach involving CoxHealth recently came to light in media reports.

"The incident has the potential to affect approximately 203,000 CoxHealth patients. It should be noted that analysts arrived at that number out of an abundance of caution. In the forensic review, analysts were not able to limit the scope with absolute certainty," the statement reads. "So, to be safe, ITx and their forensic auditors are considering any folders that were breached as potential points of risk."

The impacted CoxHealth files included daily transaction files, archived transaction files and a full inventory file containing information on individuals with daily transaction files, archived transaction files and a full inventory file in active payment plans, according to the statement.

"The breach consisted of patient medical billing and insurance information such as: name, address, date of birth, Social Security number and diagnosis," the statement reads. "Although ITx cannot confirm direct misuse of information, the vendor is notifying all individuals with sensitive information stored in the affected systems and offering complimentary access to Experian IdentityWorks for 12 months."