Arizona Priority Care and AZPC Clinics notify 10,978 patients of malware attack
Arizona Health Advantage, Inc. d/b/a Arizona Priority Care and AZPC Clinics, LLC (“APC”) are healthcare providers and business associates. On February 1, they notified HHS of an incident that affected 10,978 patients. As a business associate, their report to HHS was filed on behalf of Alignment Health Plan of Arizona, Inc. and Alignment Health Insurance Company of Arizona, Inc., Blue Cross Blue Shield of Arizona, Health Net of Arizona, Inc. (Centene), and WellCare Health Plans of Arizona, Inc. (Centene).
According to APC’s substitute notice, on December 2, employees noted difficulty accessing some servers. The breach was discovered on December 5, and malware was detected on some servers. An investigation revealed that the malware was used to access and exfiltrate data.
APC’s notice makes no mention of ransomware or any ransom demand. DataBreaches sent an inquiry asking about that and will update this post if a reply is received.
For patients who the attack may have affected, the categories of protected health information might include, among other things: name, date of birth, address, treatment dates and information, services authorization numbers, and health plan member number.
A copy of APC’s substitute notice can be found on its website.