Cybersecurity Incident Reported by Healthcare Management CompanyTuesday, March 30, 2021
St. Louis, MO March 24, 2021 — PeakTPA today announced a cybersecurity incident affecting a total of 81 current and former clients, including Cleveland-based McGregor PACE. PeakTPA solution offers healthcare management services to health plans, Managed Care Advantage and Programs of All-Inclusive Care for the Elderly (PACE). On December 31, 2020, PeakTPA learned that patient data stored in two of its Amazon Web Services cloud servers was illegally accessed in a ransomware attack.
Upon learning of the incident, PeakTPA thoroughly investigated the situation, contacted federal law enforcement, and contracted with specialized third-party agencies, which determined that certain patient information had been revealed. PeakTPA’s agent successfully negotiated with the attacker and was provided evidence by video that the seized data was deleted.
“At PeakTPA, we take seriously the privacy of our trusted partner organizations and their valued patients. We are deeply sorry for the inconvenience this breach has caused and are doing all we can to assist those affected,” said Mike McGarrigle, Senior Vice President of PeakTPA. “Moving forward, we have instituted additional protections to prevent such a breach from happening again.”
On February 8, the contracted agencies concluded their forensics work and informed PeakTPA of the extent of the breach. The information accessed by the attack include name, date of birth, address, social security number and diagnosis codes. PeakTPA has notified all impacted clients and retained the professional services of Kroll Inc. to provide post-incident support, including a toll-free number for their enrollees. Support provided by Kroll Inc. on PeakTPA’s behalf includes credit monitoring, fraud consultation and identity theft restoration at no cost to the individuals for up to three years. If you have questions, please contact Kroll at (855) 761-0196 Monday through Friday, 8:00 a.m. to 5:30 p.m. Central Time, excluding major U.S. holidays.
Since the attack, the criminal group behind it was disrupted by U.S. federal authorities.