ConnectOnCall Cybersecurity Incident Investigation
Strauss Borrelli PLLC, a leading data breach law firm, is investigating ConnectOnCall.com, LLC, a subsidiary of Phreesia, Inc., regarding its recent cybersecurity incident. The ConnectOnCall cybersecurity incident may have impacted the privacy of sensitive personal information belonging to an undetermined number of individuals.
ABOUT PHREESIA, INC. AND CONNECTONCALL.COM, INC.:
Phreesia is a healthcare software company based in Delaware. Founded in 2005, Phreesia provides a variety of software solutions to healthcare providers, including mobile and in-office registration solutions, online appointment and referral tracking, data and reporting analytics across applications, online payment solutions, and more.2 Today, Phreesia facilitates more than 150 million patient visits annually.2 In October 2023, Phreesia acquired ConnectOnCall.com, LLC, a medical answering service that helps healthcare providers manage after-hours calls.3 Headquartered in Wilmington, Delaware, Phreesia employs over 1,000 individuals.
WHAT HAPPENED?
On May 15, 2024, Phreesia announced that it had experienced a cybersecurity incident. According to the breach notice posted on its website, on May 12, 2024, Phreesia learned of a service disruption to its subsidiary ConnectOnCall.1 While investigating this matter, Phreesia determined that a cybercriminal had gained access to ConnectOnCall.1
According to a press release shared with Business Wire, ConnectOnCall stated that an unauthorized third party accessed ConnectOnCall and its application between February 16 and Mary 12, 2024, which contained information in provider-patient communications.4 While the information impacted varies depending on the individual, the type of information potentially exposed includes:
- Name
- Social Security number
- Dates of birth
- Health information, such as conditions, treatments, or prescriptions
- Phone number
On December 11, 2024, ConnectOnCall began mailing data breach notification letters to impacted individuals. Based on the press release breach notice, ConnectOnCall is providing affected individuals with a list of the information impacted and some complimentary identity monitoring services. A link to the form press release that ConnectOnCall shared as well as Phreesia’s website notice are below.
If you believe that you have been impacted by the ConnectOnCall.com, Inc. cybersecurity incident:
We would like to speak with you about your rights and potential legal remedies in response to this data breach. Please fill out the form, below, or contact us at 872.263.1100 or sam@straussborrelli.com.
