Connecticut-based Stamford Podiatry Group said the malicious hackers gained access to their systems between Feb. 22 and April 14 and accessed its electronic health record database.
"Although we have not been able to confirm that your personal information was accessed and copied, we have not been able to rule out that possibility and encourage you to take ... protective measures," the organisation wrote in a letter to patients.
Since discovering the incident in April, the provider said they had completed “a thorough forensic review and taken appropriate measures to ensure terminations of all unauthorised access to our systems.”
The provider said its investigation had shown that the attack was undertaken with “unknown and potentially malicious intent.”
Source: Stamford Podiatry Group