Silver Creek Fitness & Physical Therapy of California suffered a data breach through a third-part contractor that exposed their clients personally identifiable information to include Social Security and Medicare numbers.
The company reported to the state of California Department of Justice Office of the Attorney General that it was notified on Sept. 11 that its billing and software companies had discovered that data stored with Amazon Web Services was accessible to unauthorized persons between May and Sept. 11, 2016. Patients using the company’s Silver Creek Fitness & Physical Therapy locations in Gilroy, Sunnyvale, and Los Gatos were specifically compromised.
Silver Creek said that so far the vulnerable data has not been used to commit any acts of fraud, but noted the information possibly compromised included: name, Medicare number, prescription,
date of birth, treatment location, treatment date, Social Security number, drivers license number, and progress notes.
The company has notified those involved and has locked down the affected Amazon accounts.