ATI Physical Therapy

ATI Physical Therapy faced a security incident that appears to have targeted employees’ email accounts.

It affected the security of personal information of certain ATI patients.

ATI discovered that certain employees’ direct deposit information was changed in their payroll platform.

It determined that certain ATI employee email accounts were accessed without authorization between January 9, 2018, and January 12, 2018.

Data compromised includes name, date of birth, driver’s license or state identification number, Social Security number, credit card number, financial account number, patient identification number, Medicare or Medicaid identification number, medical record number, diagnosis, disability code, treatment information, medication/prescription information, doctor’s or therapist’s name, billing/claims information, and/or other health insurance information.

Social Security number was only impacted for a small percentage of the affected population.

ATI is providing potentially impacted individuals access to free credit monitoring services.

Source: https://www.databreaches.net/ati-physical-therapy-notifies-patients-of-data-breach/

"id": "ATI20449622",
"linkid": "ati-physical-therapy",
"type": "Data Leak",
"date": "03/2018",
"severity": "60",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"