PFC USA Issues Notice of Data Security Incident

102
PFC USA Issues Notice of Data Security Incident-01

Professional Finance Company, Inc. (“PFC”), an accounts receivable management company that provides assistance to various organizations (including healthcare providers), announced today that it is notifying individuals whose information may have been involved in a recent network security incident.

On February 26, 2022, PFC detected and stopped a sophisticated ransomware attack, in which an unauthorized third party accessed and disabled some of PFC’s computer systems. PFC immediately engaged third party forensic specialists to assist with securing the network environment and investigating the extent of any unauthorized activity. Federal law enforcement was also notified. The ongoing investigation determined that an unauthorized third party accessed files containing certain individuals’ personal information during this incident.  PFC notified the respective healthcare providers on May 5, 2022. This incident only impacted data on PFC’s systems. The list of healthcare providers can be viewed here: 
https://bit.ly/CoveredEntitiesPFC

PFC found no evidence that personal information has been specifically misused; however, it is possible that the following information could have been accessed by an unauthorized third party: first and last name, address, accounts receivable balance and information regarding payments made to accounts, and, in some cases, date of birth, social security number, and health insurance and medical treatment information.

PFC today is mailing letters to potentially involved individuals with detail about the incident and providing resources they can use to help protect their information. PFC is also offering potentially involved individuals access to free credit monitoring and identity theft protection services through Cyberscout, a leading identity protection company.

Also Read: Three Strategies for Businesses to Prevent Worst-Case Cybersecurity Scenarios

Individuals should refer to the notice they received in the mail regarding steps they can take to protect themselves. As a precautionary measure, potentially impacted individuals should remain vigilant to protect against fraud and/or identity theft by, among other things, reviewing their financial account statements and monitoring free credit reports. If individuals detect any suspicious activity on an account, they should promptly notify the institution or company with which the account is maintained. Individuals should also promptly report any fraudulent activity or any suspected identity theft to proper law enforcement authorities, including the police and their state’s attorney general. Individuals may also wish to review the tips provided by the Federal Trade Commission (“FTC”) on fraud alerts, free security/credit freezes and steps that they can take to avoid identity theft.

PFC is providing a dedicated toll-free call center for potentially affected individuals who have questions, want to enroll in credit monitoring and identity theft protection services, or who want to learn additional steps to protect their information. To contact the call center, please call 1-844-663-3160, between 6am and 6pm MST.

Data security is one of PFC’s highest priorities. Since the incident, PFC wiped and rebuilt affected systems and has taken steps to bolster its network security. PFC also reviewed and altered its policies, procedures, and network security software relating to the security of systems and servers, as well as how data is stored and managed.

For more such updates follow us on Google News ITsecuritywire News