Two Large Payers Impacted by Ransomware Attack at Vendor

26 Oct, 2021 F.J. Thomas


Sarasota, FL ( – According to a recent report from DataBreaches, at least two large payers, Humana and Anthem, have been impacted by a ransomware attack earlier this year via the network server of one of their vendors, PracticeMax. According to their LinkedIn profile, the Arizona based company is a provider billing and IT solutions company, specializing in coding and chart reviews, healthcare analytics, and electronic medical records software. The incident began on April 17th and occurred through May 5th of this year. The company discovered the issue on May 1st but did not regain access to their system until May 6th. After investigation, on August 19th it was determined that files containing PHI information of Humana patients had been removed. The company states that at least for Anthem patients, that no social security number or financial information was impacted.

Humana issued a statement with the Attorney General in Maine stating that at least 4,424 patients with kidney disease were included in the breach. Anthem sent out mail notification of the breach, but has not issued a statement as to how many patients may be impacted, although according to the PracticeMax letter it appears patients with kidney disease may have been targeted there as well. Earlier this month, Indiana based Anthem paid out a $2.7 million from a $39.5 million multi-state settlement due to a 2014 data breach in which dates of birth, social security numbers, and other personal information was compromised.

According to recent statistics from Techjury, hospitals account for around 30 percent of all large data breaches reported, with 34 percent of healthcare breaches occurring from unauthorized access, and at a cost of $6 trillion at the end of 2020. The company estimates a 75.6 percent chance of breaches impacting at least five million records occurring within the next year.

According to the Health and Humana Services breach portal, there have been 24 breaches already reported this month alone, compromising records of 290,893 patients. While only 7 reports were the result of an IT hacking incident, the patient record total accounts for over a third of the total impact. Since the first of the year, 245 reports for network hacks alone have been reported, with 25,905,370 patient records breached.


  • AI arizona artificial intelligence case law case management claims communication compensability compliance conferences courts covid do you know the rule dr. claire muselman exclusivity florida FMLA glossary check Healthcare heat how the court ruled iowa judge david langham leadership medical medicare missouri NCCI new jersey new york ohio opioids osha Safety telehealth texas violence WDYT west virginia what do you think workers' comp 101 workers' recovery workers' compensation contact information Workplace Safety Workplace Violence

  • Read Also

    About The Author

    • F.J. Thomas

      F.J. Thomas has worked in healthcare business for more than fifteen years in Tennessee. Her experience as a contract appeals analyst has given her an intimate grasp of the inner workings of both the provider and insurance world. Knowing first hand that the industry is constantly changing, she strives to find resources and information you can use.

    Read More

    Request a Demo

    To request a free demo of one of our products, please fill in this form. Our sales team will get back to you shortly.