On December 11, 2023, Healix Infusion Therapy, LLC (“Healix”) filed a notice of data breach with the Attorney General of Vermont after discovering that an unauthorized party gained access to its computer system through an apparent cyberattack. In this notice, Healix explains that the incident resulted in an unauthorized party being able to access consumers’ sensitive information, which includes their names, Social Security numbers, addresses, dates of birth, driver’s license numbers, financial account information, medical information, and health insurance information. Upon completing its investigation, Healix began sending out data breach notification letters to all individuals whose information was affected by the recent data security incident.
If you received a data breach notification from Healix Infusion Therapy, LLC, it is essential you understand what is at risk and what you can do about it. While you may not have heard of Healix, the company provides outpatient infusion services to healthcare providers, which is how Healix came to possess your information. A data breach lawyer can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft, as well as discuss your legal options following the Healix Infusion Therapy data breach. For more information, please see our recent piece on the topic here.
What Caused the Healix Infusion Therapy Data Breach?
As we previously reported, Healix Infusion Therapy filed a notice of a data breach with the U.S. Department of Health and Human Services Office for Civil Rights (“HHS-OCR”) on November 9, 2023. However, at the time, little was known about the incident.
On December 11, 2023, and December 12, 2023, Healix filed additional documents with the Attorneys General of Vermont and Texas, providing additional important information on what led up to the breach as well as its impact on consumers across the country.
According to these sources, on approximately September 12, 2023, Healix detected suspicious activity within its computer network. In response, Healix secured its system, notified state and federal law enforcement, and then began working with third-party IT forensic specialists to investigate the incident and any potential impact on patient data.
The Healix investigation confirmed that an unauthorized actor gained access to certain files on its network between September 8 and September 12, 2023. It was also determined that some of the files that were accessible to the unauthorized party contained confidential patient information.
After learning that sensitive consumer data was accessible to an unauthorized party, Healix Infusion Therapy reviewed the compromised files to determine what information was leaked and which consumers were impacted. While the breached information varies depending on the individual, it may include your name, Social Security number, address, date of birth, driver’s license number, financial account information, medical information, and health insurance information.
On December 11, 2023, Healix Infusion Therapy sent out data breach letters to anyone who was affected by the recent data security incident. These letters should provide victims with a list of what information belonging to them was compromised. Based on the data breach letters, it appears that Healix came into possession of the leaked information because it provides outpatient infusion services for institutions and physician practices. Thus, consumers affected by the Healix data breach may not necessarily be familiar with the name “Healix.”
More Information About Healix Infusion Therapy, LLC
Healix Infusion Therapy is a healthcare services provider headquartered in Sugar Land, Texas. Healix provides office-based infusion therapy services, as well as revenue cycle management services, drug procurement services, and other related services to healthcare facilities and physician practices. Healix Infusion Therapy employs more than 500 people and generates approximately $74 million in annual revenue.