The company learned on Oct. 1 that an employee was inappropriately accessing the billing system and disclosing information to a theft ring, which is believed to have used the information to file fraudulent federal tax returns. Compromised information included names, dates of birth and Social Security numbers.
Advanced Data Processing is not offering credit/identity theft protection services to affected patients, believing use of the stolen information was limited to the fraudulent tax returns. “Because this is a tax fraud scheme, credit monitoring will not necessarily track to improper filings,” according to a spokesperson. A duplicate tax return is often an indicator to the IRS that a fraudulent return has already been filed, the company also notes.
An informational Web site created for patients walks them through processes to monitor their credit and steps to take if they become a victim of identity theft. A call center has been set up to answer patient questions. The employee has been terminated and the law enforcement investigation continues.