Arkansas Methodist Medical Center (“AMMC”) has a lockbox service with IBERIABANK for collecting and processing payments from our patients and/or customers. IBERIABANK uses Technology Management Resources, Inc. (TMR) as a third‐party lockbox service provider to process payments and capture pertinent payment data for items received in the lockbox. On July 3, 2020, TMR discovered that a TMR employee’s user account had been compromised. AMMC was notified of this incident on August 24, 2020 and has been actively seeking information regarding the incident to be able to provide this notice.
Upon discovery of the incident, TMR reported that they secured the account and began an investigation in consultation with external cybersecurity professionals. TMR has stated that their investigation determined that the threat actor may have viewed images of checks and related images containing potential Protected Health Information (PHI) related to customers of Arkansas Methodist Medical Center. According to TMR, the threat actor activity occurred between August 5, 2018 and May 31, 2020, with the bulk of the activity occurring between February and May 2020. TMR notified the FBI of this incident.
What information was involved?
According to TMR, their investigation concluded that the threat actor potentially viewed images within TMR’s iRemit application that may have PHI. The information contained on these images may have included your name, address, checking account number and routing number (as found on personal checks) and information on billing statements, submitted with your payment, such as your AMMC account number.
What is the Company doing in response?
We take the privacy and security of personal information very seriously. As part of our ongoing commitment to information privacy and the security of information, and although this incident in no way involved AMMC’s nor IBERIABANK’s internal security or computer systems, as a professional courtesy, IBERIABANK is offering affected individuals credit monitoring and identity theft protection through CyberScout in order to give peace of mind.
TMR reports that they have taken several corrective actions to remediate the security incident, prevent a further security incident, and mitigate the effects of the security incident. According to TMR, TMR credentials have been reset or deactivated (as applicable). TMR also reports that they implemented
additional rules in their firewall to more tightly control the ability to access the iRemit website from other countries, among other steps taken.
What you can do.
As a best practice, we encourage our customers to remain vigilant against incidents of identity theft and fraud, to review financial account statements and claims information from your health insurance provider, and to monitor credit reports for suspicious activity. Any suspicious activity or suspected identity theft should be reported to us and to the proper law enforcement authorities.
For more information.
To verify and obtain additional information regarding whether your information was potentially affected by this incident, please call 1‐888‐905‐0513, toll‐free, Monday through Friday, 9:00 am – 9:00 pm Eastern Time. We apologize for any inconvenience this Technology Management Resources security incident may have caused.