DuPage Medical Group notifying 600,000 patients about a data breach

DuPage Medical Group on Monday announced it will mail letters to 600,000 patients notifying them their personal information may have been compromised last month when its computer network was hacked.

DuPage Medical Group is the largest independent physician group in Illinois.

Patients’ personal information may include names, addresses, dates of birth, diagnosis codes and information on medical procedures and treatment dates. The hackers may have accessed the Social Security numbers for a smaller number of people, the medical group announced in a news release.

“To date, DMG has no evidence that any information has been subject to actual or attempted misuse as a result of this incident. This event did not impact financial account numbers,” the medical group said.

DMG became aware of the security breach July 13 and is working with cyber-forensic specialists to “determine the full nature and scope of the incident.”

The “security incident” caused by “unauthorized actors” disrupted the medical group’s computer network. The unauthorized access occurred July 12 and 13.

“On August 17, 2021, we determined that certain files stored within our environment that contained patient information may have been impacted by this incident,” the medical group said.

The medical group is offering credit monitoring and identity theft protection at no cost to patients who may have been affected.

Additional security measures have been put in place, the medical group said.

Patients who have questions about the hack can call 1−800−709−2027 between 8 a.m. to 8 p.m. Monday through Friday or by visiting www.dupagemedicalgroup.com.