Law enforcement continues to work with UMass Memorial Medical Group in the ongoing investigation regarding a data breach that took place last April. With as many as 14,000 patients affected, data stolen included names, addresses, dates of birth, medical records, social security numbers and most dangerous of all credit and debit card numbers.
A statement released by UMass Memorial stated that the breach was believed to be caused by a former employee who “accessed billing records outside normal job duties” between January 7th and May 7th of last year. The breach was discovered on April 9th which is when a collaborative investigation with law enforcement began.
Copies of patient billing documents were discovered by law enforcement in August – in the possession of an authorized person. UMass started letting patients who might have been affected know by sending out letters on January 30th, after officers gave them the go-ahead to do so.
UMass says that they deeply regret the incident and any inconvenience caused by it – and that they’re dedicated to maintaining the security of patients’ information. They’ve set up a dedicated call center to assist patients with any questions, and more information can be found on their official web page.
The investigation by both law enforcement and UMass is ongoing.