Data breach of Credit Control Corporation may impact several Virginia hospitals and medical practices
Take action: Continuously evaluate third party risk and their posture. In this incident the hospital patients were impacted through a debt collection agency breach.
Learn More
Credit Control Corporation (CCC) - a debt collection vendor for multiple major hospitals and medical practices, is notifying of recent event that could potentially affect the privacy of their data.
On March 7, 2023, CCC became aware of unusual activity on certain systems within its network. CCC immediately isolated the affected systems and began a comprehensive investigation, with the assistance of third-party forensic experts.
The investigation revealed that certain files were copied from CCC's network as part of a cyber incident that occurred between March 2, 2023 and March 7, 2023. The review of the files is ongoing, but as of May 3, 2023, it was determined that the files contained information such as name, address, Social Security number, and account-related information (e.g., account number, account balance, and date of service) of individuals associated with CCC's business partners. The specific information varies by individual.
On May 4, 2023, CCC began notifying its business partners and worked with them to inform individuals whose information was contained in the files.
