Parathon by JDA eHealth Systems reports data breach

Parathon by JDA eHealth Systems, an Illinois-based healthcare software and support company, experienced a significant data breach following a ransomware attack by the Akira group.

Parathon functions as a third-party denials management and revenue cycle management provider for healthcare services. It specializes in handling insurance claim denials and overseeing the financial processes from patient registration to final payment, helping healthcare providers streamline operations and optimize revenue.

The incident, first detected on July 27, 2023, led to unauthorized access to sensitive consumer information. The breached data potentially includes:

• names,
• addresses,
• dates of birth,
• protected health information, such as diagnosis and insurance details.

Financial account information, social security numbers, and passwords were not compromised. No details are disclosed about the number of affected individuals.

Parathon responded by securing its network, initiating an investigation, and sending data breach notification letters on December 22, 2023, to those impacted. These letters outlined the nature of the compromised information and offered free credit monitoring and identity theft protection services through Cyberscout. The company also stated that they have made all efforts possible to mitigate further exposure and identity theft, though it is unclear if this included paying the ransom.