Cyber Incident Victim: Advanced Medical Practice Management

Advanced Medical Practice Management (AMPM), a healthcare billing administrator based in New Jersey, experienced a data breach involving unauthorized access to sensitive files. The incident occurred when an unauthorized actor gained access to systems containing protected health information and personally identifiable data. Exposed information included Social Security numbers, financial account details, medical diagnoses, and prescription information. While the exact date of initial access was not publicly disclosed, the breach was reported in the context of healthcare incidents occurring around mid-2021 through early 2022. Approximately 56,000 individuals were affected by the compromise of these records. The nature of the intrusion did not involve confirmed identity theft or fraudulent activity at the time of reporting, but the exposed data types created significant risk of financial fraud and medical identity theft for impacted patients.

AMPM responded by notifying appropriate regulatory authorities about the security incident in compliance with healthcare breach reporting requirements. The organization implemented updates to its security protocols following the discovery of unauthorized access, though specific technical control enhancements were not detailed in public disclosures. Affected individuals received guidance to monitor their financial accounts and credit reports for suspicious activity indicative of fraud. As a medical billing administrator handling sensitive data for healthcare providers, the breach underscored operational risks associated with storing comprehensive patient billing information and protected health records. No additional information was released regarding the duration of system access, specific attack vectors employed by the threat actor, or forensic investigation findings beyond the confirmed exposure of sensitive data categories.