Champaign, Ill.-based Christie Clinic, a physician-owned multispecialty group practice, suffered a data breach that placed the personal data of 502,869 people at risk, according to the HHS breach portal.
One of Christie Clinic's business email accounts was accessed by an unauthorized user from July 14, 2021, to August 19, 2021, the practice said in a March 24 statement. An investigation suggested that the purpose was to intercept a business transaction between Christie Clinic and a third-party vendor.
Affected individuals may have had their personal information compromised, including address, Social Security number, medical information and health insurance information, the practice said. No EMRs were accessed.
Christie Clinic said that since the incident, the practice has added more safeguards to patient data.