Illinois healthcare provider suffers breach impacting nearly 105,000 individuals

Cancer Treatment Centers of America and Midwestern Regional Medical Center (CTCA) based in Zion, Illinois, reported a breach last month potentially affecting 104,808 individuals, according to the Office for Civil Rights (OCR) breach report.

In a security notice, CTCA, which has facilities across the Midwest, said it identified suspicious activity from the email account of a CTCA account holder on January 18. The ensuing investigation revealed that an unauthorized user may have had access to information on the email account between January 12 and January 18. The password to the account was promptly changed, CTCA said, and the previous credentials were no longer able to access the account.

Information that may have been available to the unauthorized user included:

• CTCA account number
• Health insurance information
• Limited medical information
• Medical record number
• Name

CTCA said Social Security numbers and financial information were not involved in the incident.

In the letter sent to potentially affected individuals, CTCA recommended that individuals regularly monitor an explanation of benefits received from their health plans.

CTCA also noted that it has implemented additional security measures, continues to evaluate other security enhancements, and remains diligent in educating the workforce about security threat.