Cedarcrest Surgery Center Data Breach Exposes PII & PHI

Between October 24, 2024, and December 31, 2024, Cedarcrest Surgery Center experienced unauthorized access to an employee's email account. Upon discovering suspicious activity, Cedarcrest Surgery Center quickly secured the affected email account and launched a detailed investigation. The investigation revealed that an unknown individual gained unauthorized access to a single employee email account, potentially exposing sensitive patient information contained within emails.

The types of information exposed in this breach include personally identifiable information (PII) such as patient names, dates of birth, gender, zip codes, policy numbers, policy types, group numbers, subscriber policy numbers, billing dates, payment dates, and payer names.

Protected health information (PHI) such as dates of medical services, medical procedures performed, physician names, and other medical details were also involved. The exact number of individuals affected by this incident has not yet been publicly disclosed.

Cedarcrest Surgery Center's Response

Upon identifying the unauthorized email access, Cedarcrest Surgery Center immediately took steps to secure the compromised email account and confirm the security of their broader email environment. They conducted a comprehensive review of the affected emails to determine the scope of the breach. Cedarcrest Surgery Center also reported the incident to federal law enforcement and is cooperating fully with their ongoing investigation.

To assist individuals potentially affected by this data breach, Cedarcrest Surgery Center has established a dedicated assistance line at 1 (800) 405-6108. This helpline is available Monday through Friday, from 7:00 a.m. to 7:00 p.m. CT, excluding major U.S. holidays.

Individuals who may have been impacted by the breach are encouraged to remain vigilant by regularly reviewing their financial account statements, explanations of benefits (EOBs), and monitoring their credit reports for any unusual activity. Under U.S. law, consumers are entitled to receive one free credit report annually from each of the three major credit reporting bureaus—Equifax, Experian, and TransUnion. To request these reports, visit AnnualCreditReport.com or call 1 (877) 322-8228.

Cedarcrest Surgery Center has provided further guidance and detailed steps individuals can take to protect their personal information in their official data breach disclosure notice.

For more information about Cedarcrest Surgery Center, visit their official website at cedarcrestasc.com.