Data Breach May Have Exposed Patient Information: DuPage Medical

DOWNERS GROVE, IL — Around 600,000 patients may have had their names, addresses, dates of birth and diagnoses compromised in a recent data security breach at DuPage Medical Group (DMG), the health care system said Monday. In the wake of the mid-July incident, DMG says it has taken additional cybersecurity measures and is reviewing its current data security policies.

Patients whose information may have been impacted by the data breach will receive a letter in the mail from DuPage Medical Group. As of Monday, DMG reports that social security numbers may have been accessed for a "small subset of individuals," but that patients' financial account numbers were unaffected.

After experiencing a network outage that began around July 12 and lasted several days, DuPage Medical Group discovered the outage had been caused by "unauthorized actors" who were able to access the network. On Aug. 17, DMG was made aware that patient information may have been compromised during the incident.

“DMG remains committed to delivering exceptional care for our patients. Our physicians and team members will continue to put patient care first," DMG spokesperson Lisa Lagger told Patch Monday via email.

DuPage Medical Group will provide free identity theft protection and credit monitoring to affected patients. A call center has been established to field questions related to the data breach. Patients can call 1−800−709−2027 Monday through Friday from 8 a.m. to 8 p.m. to get additional information.

Headquartered in Downers Grove, DMG has more than 115 locations throughout Illinois.