DuPage Medical Group notifying 600,000 patients about a data breach

DuPage Med­ical Group on Monday announced it will mail letters to­ 600,000 patients notifying them their personal information may have been compromised last month when its computer network was hacked.

DuPage Medical Group is the largest independent physician group in Illinois.

Patients’ personal information may include names, address­es, dates of birth, diag­no­sis codes and information on medical procedures and treatment dates. The hackers may have accessed the Social Security num­bers for a smaller number of people, the medical group announced in a news release.

“To date, DMG has no evi­dence that any infor­ma­tion has been sub­ject to actu­al or attempt­ed mis­use as a result of this inci­dent. This event did not impact finan­cial account numbers,” the medical group said.

DMG became aware of the security breach July 13 and is working with cyber-forensic specialists to “deter­mine the full nature and scope of the inci­dent.”

The “security incident” caused by “unauthorized actors” disrupted the medical group’s computer network. The unauthorized access occurred July 12 and 13.

“On August 17, 2021, we deter­mined that cer­tain files stored with­in our envi­ron­ment that con­tained patient infor­ma­tion may have been impact­ed by this incident,” the medical group said.

The medical group is offer­ing cred­it mon­i­tor­ing and identity theft pro­tec­tion at no cost to patients who may have been affected.

Additional security measures have been put in place, the medical group said.

Patients who have questions about the hack can call 1−800−709−2027 between 8 a.m. to 8 p.m. Mon­day through Fri­day or by vis­it­ing www.dupagemedicalgroup.com.