More than a year after discovering a potential breach to its websites, healthcare administrative services and IT provider, CoPilot Provider Support Services has notified 220,000 patients and doctors who used its service.

An unauthorized user breached one of CoPilot's databases, used by both healthcare providers and patients, in October 2015, according to officials. The hacker downloaded files that contained names, dates of birth, addresses, phone numbers, health insurers and some Social Security numbers of some users. No financial, medical treatment or other information was accessed.

CoPilot discovered the breach on Dec. 23, 2015, and the company immediately launched an investigation, officials said.

There is no indication for why CoPilot took more a year to notify its users. And no information was released as to the source of the breach, whether it was a breach from an insider or an outside attack.

The company sent notification letters to users impacted by the breach and is offering data protection services. Further, CoPilot established a call center for patients with questions.

"CoPilot recognizes the importance of protecting patient information and is committed to taking steps to prevent this type of incident from occurring again in the future, including the monitoring of its databases by K2 Intelligence, Inc., an independent and nationally renowned forensic IT firm," officials said.

Twitter: @JessieFDavis
Email the writer: jessica.davis@himssmedia.com

Like Healthcare IT News on Facebook and LinkedIn