January 27, 2023

mscripts, LLC Reports Data Breach with Federal Government Affecting 66,372 Individuals

+ Follow Contact

Send

Embed

On January 17, 2023, mscripts, LLC filed notice of a data breach with the U.S. Department of Health and Human Services Office for Civil Rights (“HHS-OCR”) after determining confidential consumer information entrusted to the company was accessible by an unauthorized party. Based on the company’s official filing with the HHS-OCR, the incident likely resulted in an unauthorized party gaining access to consumers’ protected health information and possibly other sensitive data types. After confirming that consumer data was leaked, mscripts began sending out data breach notification letters to all individuals who were impacted by the recent data security incident.

If you received a data breach notification from mscripts, LLC, it is essential you understand what is at risk and what you can do about it. To learn more about how to protect yourself from becoming a victim of fraud or identity theft and what your legal options are in the wake of the mscripts data breach, please see our recent piece on the topic here.

What We Know So Far About the mscripts Breach

The available information regarding the mscripts breach comes from the company’s filing with the U.S. Department of Health and Human Services Office for Civil Rights. However, the information on the HHS-OCR site is limited, and neither mscripts nor its parent company Cardinal Health has posted notice of the breach on their respective websites. Thus, all we know is that the incident involved “unauthorized access or disclosure” of information that was stored on a network server.

Upon discovering that sensitive consumer data was made available to an unauthorized party, mscripts began to review the affected files to determine what information was compromised and which consumers were impacted. Although mscripts has not publicly disclosed the leaked data types, it’s very likely that it involved consumers’ protected health information because only breaches involving protected health information must be reported to the HHS-OCR.

Protected health information, or PHI, is demographic information, test and laboratory results, medical history information, insurance information, mental health information or any other data that healthcare providers collect during the course of a patient’s treatment. Essentially, PHI can include any information that a healthcare provider obtains about a patient.

On January 17, 2023, mscripts sent out data breach letters to all individuals whose information was compromised as a result of the recent data security incident. According to the HHS-OCR website, the mscripts data breach impacted the sensitive information of 66,372 individuals.

More Information About mscripts, LLC

Mscripts, LLC is a software company based in San Francisco, California. The company is owned by Cardinal Health, a major healthcare services and products company based in Dublin, Ohio. Mscripts operates an app that allows patients to refill their prescriptions with their pharmacies and obtain real-time information about their prescriptions. Mscripts employs more than 73 people and generates approximately $15 million in annual revenue. Cardinal Health employs more than 46,000 people and generates approximately $176 billion in annual revenue.

Send Print Report

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations. Attorney Advertising.