article featured image


New York-based Practicefirst Medical Management Solutions, a medical management company that processes data for health care providers, declared that a 2020 healthcare ransomware attack may have exposed personally identifiable information (PII) of patients and work staff.

Established in 1960 as a medical billing specialist company, Practicefirst Medical Management Solutions has become a leader in billing, credentialing, coding, compliance, chart auditing, bookkeeping, and tax preparation. Headquartered in Amherst, New York, Practicefirst serves over 75 clients across the country.

How Did the Practicefirst Cyberattack Happen?

On December 30, 2020, the vendor discovered that an unauthorized cybercriminal who tried to deploy ransomware to encrypt their systems copied files that included restricted patient and employee sensitive data.

The information, later deleted, contained birthdates, names, addresses, driver’s license numbers, Social Security numbers, email addresses, and tax identification numbers.

In addition, diagnoses, lab and treatment information, medication information, health insurance identification, employee usernames and passwords, bank account information, and tax identification numbers were exposed.​

Upon learning of this, Practicefirst shut down their systems, changed passwords, notified law enforcement, and hired national privacy and security experts.

The vendor stated it is not aware of any fraud or misuse of data as a result of the healthcare ransomware attack, and the attacker notified Practicefirst that the information was never shared and was later destroyed.

We immediately reported the incident to appropriate law enforcement authorities and implemented measures to further improve the security of our systems and practices.

We worked with a leading privacy and security firm to aid in our investigation and response and will report this Incident to relevant government agencies. We also implemented additional security protocols designed to protect our network, email environment, and systems.


What Can Affected People Do?

Practicefirst Medical Management Solutions established a dedicated assistance line for individuals seeking additional information with respect to the ransomware attack.

People are encouraged by the vendor to remain vigilant against identity theft and fraud incidents, review account statements and monitor free credit reports for dubious activity.

Author Profile

Antonia Din

PR & Video Content Manager

linkedin icon

As a Senior Content Writer and Video Content Creator specializing in cybersecurity, I leverage digital media to unravel and clarify complex cybersecurity concepts and emerging trends. With my extensive knowledge in the field, I create content that engages a diverse audience, from cybersecurity novices to experienced experts. My approach is to create a nexus of understanding, taking technical security topics and transforming them into accessible, relatable knowledge for anyone interested in strengthening their security posture.

Leave a Reply

Your email address will not be published. Required fields are marked *

Protect your business by doing more with less

Book a Demo