Data of Nearly 2M Patients Exposed in Ransomware Attack on Healthcare Debt Collection Firm

Professional Finance Company (PFC) was hit in February 2022 by a ransomware attack.

Dark Reading Staff, Dark Reading

July 14, 2022

1 Min Read
Photo of emergency entrance of a hospital
Source: Sean Pavone via Alamy

Debt-collection company Professional Finance Company (PFC) this month disclosed that data on healthcare patients from hundreds of its medical organization clients had been breached in a ransomware attack on the firm in February. PFC provides collection services for some 650 hospitals and healthcare facilities in the US.

"PFC found no evidence that personal information has been specifically misused," the company said its data breach disclosure notice, but added that "it is possible" some patient data was "accessed by an unauthorized third party."

Among that data: patient names, addresses, account balances, and in some instances, birth dates, Social Security numbers, health insurance information, and treatment data, PFC said. According to a report on Tech Crunch, PFC told the US Department of Health and Human Services that the attack affected 1.91 million patients.

About the Author

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights