Starling Physicians is warning that it was the victim of a data breach, and some patient information may be affected.
According to an announcement released Tuesday, Starling was the target of a cyber-phishing attack on February 8. When the Connecticut-based healthcare group learned of the breach, they secured the three affected email accounts and hired a forensic security firm. On September 12, investigation found that the email accounts affected by the attack contained information including certain patients’ names, addresses, dates of birth, passport numbers, Social Security numbers, medical information and health insurance or billing information.
A company spokesperson wouldn't confirm exactly how many patients are affected, but said it is less than .01 percent of active patients.
Starling said as soon as they learned patient data was compromised, they began putting together a mailing list of affected patients. The healthcare group mailed letters to affected patients Tuesday with instructions on how to protect themselves against fraud or identity theft. Patients whose social security numbers are affected are being offered free credit monitoring and identity theft protection services.
Patients should review credit card, bank and other financial statements, as well as their insurance activity, for anything suspicious. Any suspicious activity should be reported to the agency involved as well as law enforcement and the state attorney general.
Anyone with questions or concerns can contact Starling at 1-888-800-3306, Monday through Friday, 8 a.m. to 5 p.m.
For more information on how to protect against fraud, visit the FTC website here.