HealthcareCISO

Healthcare business associate Peak TPA is notifying 50,000 PACE program patients that their data was stolen from two of its cloud servers by an attacker. The third-party administrator supports claims management on behalf of PACE programs.

Peak TPA learned of the hack on December 31 and later determined NetWalker hackers were behind the attack. NetWalker was taken down in late January by federal agencies.

The investigation determined the hackers cracked into the cloud servers and obtained patient information, including names, contact details, Social Security numbers, PACE program IDs, diagnoses, and treatment data.

All impacted patients will receive...