PeakMed Colorado, LLC disclosed a recent breach to the U.S. Department of Health and Human Services Office for Civil Rights, initiated by the compromise of an employee’s login credentials. This breach led to unauthorized access to a wide array of patient information, encompassing names, addresses, Social Security numbers, driver’s license numbers, dates of birth, medical records, financial account details, payment card information, electronic signatures, medical history, and health insurance details. The company commenced the issuance of data breach notification letters to affected individuals following their investigation.
The incident, identified on August 30, 2023, prompted PeakMed to reset employee passwords and conduct a thorough investigation. It was confirmed that an unauthorized entity accessed the PeakMed system between July 24 and August 30, 2023, potentially gaining entry to patient data.
After assessing the breached files, PeakMed Colorado sent out breach notification letters on October 27, 2023, detailing the compromised information specific to affected patients.
Founded in 2014 and headquartered in Colorado Springs, PeakMed Colorado, LLC operates as a direct primary care provider, offering a membership-based model for unlimited doctor visits and round-the-clock care. With 25 locations, half of which are in Colorado, the company, comprising over 26 employees, generates an estimated annual revenue of $9 million.