b2b-daily
Home | IT | Cyber Security

Texas Therapy Provider Notifying Approximately 4 Million Patients of Data Theft Incident at Nevada Transcription Vendor

Avatar photo
by Craig Anderson
January 29, 2024
Image Credit: Unsplash 
Texas Therapy Provider Notifying Approximately 4 Million Patients of Data Theft Incident at Nevada Transcription Vendor
Table of Contents
  1. Scope of the Data Breach
  2. Identification of Affected Clients
  3. Impact on Other Healthcare Providers
  4. Warning about ID Theft and Fraud Risks
  5. Lawsuit Filed Against PJ&A and Mercy Health
  6. Claims and Lawsuits Against PJ&A
  7. Vulnerabilities of Medical Transcription Firms

A data theft incident at a Nevada-based medical transcription vendor last year has resulted in a Texas-based physical and occupational therapy provider notifying nearly 4 million patients that they have become victims of this breach. The compromise of the medical transcriber has potentially exposed the personal data of at least 14 million patients and counting, making it one of the largest breaches in the healthcare industry. This article delves into the impact of the breach, identifies affected clients, examines the legal actions taken, and highlights vulnerabilities in the medical transcription industry.

Scope of the Data Breach

The breach at the medical transcription vendor has had a significant impact, potentially compromising the personal data of at least 14 million patients, and the number continues to rise. With such a large amount of personal information exposed, there are concerns about the potential misuse of this data for identity theft and fraud purposes.

Identification of Affected Clients

While the Texas therapy provider, PJ&A, has not publicly named all of its clients affected by the hack, Concentra, another affected entity, has filed its own breach report to the HHS OCR. Concentra, a healthcare provider, is one of many organizations grappling with the aftermath of the breach. In addition, Crouse Health, a large healthcare provider in New York, has reported that an undisclosed number of its patients were also affected in the PJ&A incident.

Impact on Other Healthcare Providers

The data breach has had a ripple effect on the healthcare industry, with various organizations and providers being affected. Crouse Health’s disclosure regarding their affected patients further highlights the far-reaching impact of the breach.

Warning about ID Theft and Fraud Risks

In response to the PJ&A incident, New York’s Attorney General issued a public warning about the potential risks of identity theft and fraud faced by the affected patients. This highlights the severity of the breach and the need for individuals to remain vigilant and take proactive measures to protect their personal information.

Lawsuit Filed Against PJ&A and Mercy Health

A proposed federal class-action lawsuit complaint was filed against PJ&A and Mercy Health, another medical transcription client affected by the breach. The lawsuit alleges negligence and other claims against the organizations for their failure to safeguard patients’ sensitive information. This legal action underscores the accountability of organizations in protecting patients’ data.

Claims and Lawsuits Against PJ&A

PJ&A is facing similar claims in dozens of other lawsuits, which largely seek financial damages and injunctive orders to improve the company’s data security measures. The magnitude and severity of the breach have sparked legal actions against PJ&A, reflecting the importance of robust data security protocols in the healthcare industry.

Concentra, the Texas therapy provider affected by the breach, has been asked to provide additional information regarding the PJ&A incident. This includes inquiring about whether any of the therapy provider’s patients have reported incidents of identity theft or fraud that they suspect may be linked to the hack. Understanding the impact on affected patients is crucial to assessing the full extent of the breach.

Vulnerabilities of Medical Transcription Firms

Experts have highlighted several inherent traits that make medical transcription firms appealing targets for hackers. Historically, many of these companies were “mom and pop businesses” lacking robust security and privacy controls, which made them easy targets. The breach at the Nevada transcription vendor underscores the urgent need for enhanced security measures within the medical transcription industry.

The data breach at the Nevada-based transcription vendor has had far-reaching consequences for the healthcare industry. With nearly 4 million patients affected and the number continuously growing, it is imperative that organizations prioritize data security and privacy. The legal actions taken against PJ&A and Mercy Health, along with the warnings issued by authorities, serve as reminders of the need for enhanced cybersecurity measures in the medical transcription industry. Protecting patient data must be a top priority to prevent further breaches and ensure the trust and safety of individuals seeking medical care.

Digital TransformationHealthcareInformation Security

Explore more

AI and State Actors Fuel Surge in Global IT Cyberattacks
June 15, 2026

Introduction Sophisticated digital adversaries have transformed the global information technology infrastructure into a sprawling battlefield where intellectual property is the ultimate prize of statecraft. This escalating aggression currently defines a period of unprecedented risk for the IT sector, as both government-backed operatives and independent criminal syndicates deploy increasingly lethal digital weaponry. The primary objective of this analysis is to explore

AWS Taps Qualcomm AI200 Chips to Slash AI Inference Costs
June 15, 2026

The global artificial intelligence landscape has reached a critical inflection point where the cost of sustaining intelligence now outweighs the price of creating it in the first place. While the initial frenzy focused on the massive energy consumption required to train foundational models, the industry is now confronting the daily operational grind of inference. Running a model for millions of

Why Is PEPETO Leading the June 2026 Crypto Presale Market?
June 15, 2026

As the cryptocurrency landscape navigates a period of significant turbulence in June 2026, many investors are recalibrating their strategies to prioritize utility over mere speculation. With the total market capitalization hovering around the $2.11 trillion mark and major assets like Bitcoin experiencing notable pullbacks, the spotlight has shifted toward early-stage projects that offer more than just a conceptual roadmap. Our

Europe Redefines Its $21 Trillion Cross-Border Payments
June 15, 2026

The financial architecture of Europe is currently undergoing a profound metamorphosis as industry leaders and policymakers gather in Amsterdam for the Money20/20 Europe conference to navigate a landscape where digital sovereignty and real-time speed are non-negotiable requirements for modern global trade. Recent findings from a detailed investigation into the continent’s payment landscape reveal that the traditional methods of moving money

Trend Analysis: Phishing as Service Infrastructure
June 15, 2026

The once-impenetrable walls of high-level cybercrime have effectively crumbled as sophisticated toolsets now flow through automated marketplaces that require little more than a credit card and a willingness to exploit others for personal gain. This shift toward a point-and-click service model has transformed what was once a craft for elite hackers into a massive global industry. Phishing-as-a-Service, or PhaaS, provides