Viverant PT LLC, a US-based physical therapy provider, released a notice stating that the personally identifiable information (PII) of patients, current employees, and former employees were exposed in a security breach incident.

The breach was first noticed on March 9, 2021, when suspicious emails were sent from an employee's email address. Upon realization, the company started its investigation promptly, while working with leading security firms.

Security measures such as changing passwords, enacting stricter authentication requirements, and employee training sessions were conducted to contain the situation.

"Upon becoming aware of the Incident, we immediately implemented measures to further improve the security of our systems and practices. We worked with a leading privacy and security firm to aid in our investigation and response, and we are reporting this Incident to relevant government agencies", stated their press release.

Information including patient name, address, date of birth, social security number, driver's license number, medical record number, diagnostic treatment information, credit/debit card with password or security code was revealed in the data breach. Currently, there is no evidence that the stolen information has been misused.

It is still unclear why the data breach discovered in March was just recently published in the HIPAA breach portal. The company has asked the affected individuals to stay vigilant against any suspicious activity found on their card, and reach out to the company's dedicated assist line for any additional information regarding the breach.