Loudoun medical radical d/b/a Comprehensive sleep tutelage center (CSCC) in va issued a pressure release yesterday. According to their timeline, on or around June 19, they became aware of unusual activity in an employee’s email account. Their investigation subsequently determined that unauthorized access to the ace account occurred between June 15 and June 19. The more time-consuming portion seemed to be figuring out what info was in that account and who would need to be notified. That process was completed on or around October 17. The information submit in the emails varies by individual, but may include patient name, date of birth, social Security number, driver’s permit number, passport number, medical record number, patient account number, payment card information, financial account information, medical history, health insurance information, treatment information and/or date(s) of service. They do not appear to be offering patients any complimentary services, and this incident has not yet appeared on HHS’s public breach tool. You can read the full press vent here.