Buffalo, N.Y.-based medical group General Physician, PC, filed a notice of data breach with the U.S. Department of Health and Human Services, according to an Oct. 23 report published by JDSupra.
The notice was filed Oct. 4, after GPPC realized an unauthorized party gained access to a company email account. This then resulted in the unauthorized party accessing consumers' private information, including names, addresses, Social Security numbers, financial information, birth dates, medical information and health insurance information.
The unusual activity was initially detected June 12, which was followed by an investigation with the support of third-party cybersecurity experts. On Aug. 6, the investigation confirmed that an unauthorized party had accessed GPPC's email system between April 6 and June 12.