Phoenician Medical Center reports 162,500 patients impacted by data breach

Phoenician Medical Center, Inc. and its affiliated entities, Phoenix Neurological & Pain Institute and Laser Surgery Center, reported a data breach after discovering unauthorized access to patient data.

The incident was detected after the company's systems experienced disruption on March 31, prompting PMC to secure its systems and initiate an investigation. The investigation confirmed that an unauthorized party accessed PMC's IT network and potentially removed certain files containing confidential patient information from 2016 to 2023.

It's estimated that the data of 162,500 patients was exposed. No details are available as to the nature of the attack but it's quite possible that disruption is ransomware.

The breach exposed sensitive information, including:

• names,
• dates of birth,
• contact details,
• demographic information,
• state identification numbers,
• diagnosis and treatment information,
• other protected health information.

After identifying the breach, PMC reviewed the compromised files to assess the extent of the leak and identify affected individuals. Subsequently, data breach notification letters were sent to all impacted patients.