On July 12, 2023, a hospital in Chicago, Illinois, suffered a massive data breach that exposed the protected health information of over 200,000 patients, including names, social security numbers, and more. Community First Medical Center (CFMC) released a statement last month informing affected patients and other members of the medical community about what went down earlier this year. On their website, the statement claims that the hospital first learned of the attack on July 28, 2023.
The hospital claims they worked with leading cybersecurity experts, and after an extensive forensic investigation, it was discovered that one or more of the files were potentially accessed by the unauthorized party on or about July 12, 2023. The files accessed contained personal information pertaining to certain individuals, such as full names, telephone numbers, email addresses, Social Security numbers, medical record numbers, and Medicare numbers. While the elements of personal information involved varied per individual, according to the HIPAA Journal, the breach affected roughly 216,047 patients.
"CFMC has no evidence that any personal information has been or will be misused as a direct result of this incident," hospital officials wrote. However, as a result of the breach, the hospital is taking cautious steps to ensure their patient's safety. "CFMC is committed to maintaining the privacy of personal information in its possession and has taken many precautions to safeguard it. CFMC continually evaluates and modifies its practices to enhance the security and privacy of the personal information it maintains."
On September 26, 2023, CFMC notified those individuals whose information may have been included in the files potentially accessed by the unauthorized party with a letter in the mail. Those notified individuals have been provided with best practices to protect their information and are being offered free credit monitoring services. In the five-page letter, CFMC has advised those affected by the breach to place a security freeze and fraud alert on their credit report and to report any unusual activity on their accounts.
For individuals who have questions or need additional information regarding this incident or to determine if they are impacted and are eligible for credit monitoring, CFMC has established a dedicated toll-free response line at (844) 725-0399. Patients can contact the response line Monday through Friday, 8:00 a.m. to 8:00 p.m. Central Standard Time. Affected CFMC patients can learn more about why/how data breaches occur and what they should do to protect themselves after their information has been exposed due to a data breach here.
Located at 5645 W. Addison St., Community First Medical Center is a 299-bed hospital that includes spine and orthopedic practices, a radiology center, an emergency department, and an outpatient services center. The hospital also provides rehabilitation, cardiology, pathology, and laboratory services. CFMC employs more than 300 people and generates approximately $40 million in annual revenue. Victims of the CFMC breach can contact a Morgan & Morgan attorney to learn more about what their legal options are and if they may be eligible for financial compensation.
For over 35 years, our law firm has helped thousands recover what they deserved after their personal information was stolen, and we want to help you too. For more information, connect with a Morgan & Morgan data breach attorney by completing our free, no-obligation case evaluation form today.