Patient information exposed in July attack on DuPage Medical Group computers
DuPage Medical Group is notifying 600,000 patients that some of their confidential personal information may have been stolen in a July attack on the group's computer networks.
That information includes names, addresses, birth dates, diagnosis codes, medical procedure codes and treatment dates. For some people, it may include their Social Security numbers, according to a news release DuPage Medical Group posted Monday. It did not affect financial account numbers, officials said.
The Downers Grove-based physician group says there is no evidence that any of the information has been used by the attackers. But it is offering to pay for credit-monitoring and identity-theft protection services for the patients.
DuPage Medical Group has more than 700 physicians.
Reports of the outage started surfacing on social media on July 13 when patients complained about being unable to schedule appointments or contact physicians to get refills of medications. The disruption lasted nearly a week.
DuPage Medical Group has set up a call center for people who have questions about the attack at (800) 709-2027. It is open from 8 a.m. to 8 p.m. on weekdays.
The company has reported the attack to unspecified law enforcement, it said in the release.