We review vendors based on rigorous testing and research but also take into account your feedback and our affiliate commission with providers. Some providers are owned by our parent company.
Learn more
vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.
Advertising Disclosure

vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.

9M Records Stolen After Medical Transcription Firm Hacked

9M Records Stolen After Medical Transcription Firm Hacked
Author Image Keira Waddell
Keira Waddell Published on 24th November 2023 Senior Writer

Perry Johnson & Associates (PJ&A), a medical transcription service provider based in Nevada, has fallen victim to a cyberattack, compromising the personal and health information of 8,952,212 Americans. The breach, which occurred between March 27 and May 2, was confirmed by PJ&A in a filing with the US Department of Health and Human Services. The company began notifying affected individuals on October 31.

The stolen data encompasses a range of sensitive information. Patient names, dates of birth, addresses, medical record and hospital account numbers, admission diagnoses, and dates and times of treatment were among the compromised details.

Additionally, the breach included the potential exposure of Social Security numbers, insurance information, and clinical data extracted from medical transcription files, including test results, medications, treatment facility names, and healthcare providers.

Luckily, the breach did not involve credit card or bank account information, nor did it compromise usernames or passwords. Despite the alarming nature of the incident, PJ&A assured the public that there is currently no evidence indicating the misuse of the stolen data for fraud or identity theft.

Two major healthcare providers affected by the breach include Northwell Health, the largest healthcare provider in New York State, and Chicago-based Cook County Health. Northwell Health initially reported 3.9 million affected individuals, while Cook County Health confirmed 1.2 million affected patients.

The breach adds to a growing list of cybersecurity challenges faced by the healthcare industry, following similar incidents reported by McLaren Health Care and Truepill in the same month. It’s also the second-largest breach in recent times, only behind the HCA Healthcare breach that saw 11 million records stolen.

PJ&A has not disclosed specific details about the method used in the cyberattack or the identity of the threat actor responsible. However, upon discovering the breach, the company took immediate action, hiring a cybersecurity vendor and notifying law enforcement. Measures implemented include additional technical restrictions, a password reset for all employees, and the deployment of an endpoint detection and response system to monitor unauthorized access.

About the Author

Keira is an experienced cybersecurity and tech writer dedicated to providing comprehensive insights on VPNs, online privacy, and internet censorship.