American Medical Technologies reports breach affecting nearly 50,000 individuals

American Medical Technologies (AMT), a California-based provider of healthcare supplies, notified individuals in late June that their data was potentially breached during a 2019 security breach.

The protected health information (PHI) of 47,767 individuals may have been compromised, according to the Office for Civils Rights (OCR) breach report.

On December 17, 2019, AMT discovered suspicious activity within an employee’s email account, according to the privacy incident noticed posted to AMT’s website. AMT immediately engaged a third-party forensic firm to investigate. An extensive investigation concluded on May 14, as AMT determined that the personal information may have been available to the attacker during the incident.

The information may have included the following:

• Diagnostic information
• Driver’s license/state identification numbers
• Health insurance policy or individual subscriber numbers
• HIPAA account information
• Medical history information
• Medical record numbers
• Names
• Social Security numbers
• Taxpayer ID numbers

In the wake of the incident, AMT consulted two information security companies to review its email systems. AMT implemented improvements to its systems following recommendations from the information security companies, according to the privacy incident notice. Additional safeguards were introduced to upgrade data security on AMT’s web server infrastructure.

AMT sent notices to the affected individuals and has set up a toll-free call center to field questions about the incident.

More information, including an FAQ regarding the incident, is available on AMT’s website.