Portland-based health care provider InterMed was the target of a hack that potentially compromised the medical and personal information of about 30,000 patients.

An “unauthorized third party” accessed the email account of an employee between Sept. 4-6, InterMed said in a news release Tuesday.

The breached accounts contained information that may have included patient names, dates of birth, health insurance information and/or clinical information. The accounts also contained the Social Security numbers of 155 patients, the company said.

InterMed said it learned of the unauthorized access on Sept. 6.

“The company immediately took steps to secure the account and hired a nationally recognized forensics team to conduct a comprehensive, independent investigation,” the release said. “The investigation could not determine what specific messages or attachments were viewed – if any – but did determine that an additional three email accounts were likely subject to unauthorized access between Sept. 7 and Sept. 10, 2019.”

John Lamb, InterMed spokesman, said that patients were notified of the breach this week, as soon as the investigation was completed.


“The investigation included a thorough, manual review of all potentially impacted files,” Lamb said. InterMed serves about 100,000 patients, with offices in Portland, South Portland and Yarmouth. The company offers services that include primary care, pediatrics, obstetrics, urgent care, physical therapy, cardiology and sports medicine.

InterMed reviewed all messages and attachments in the email accounts to identify patients whose information had been accessed by the hacker.

“This incident did not impact all InterMed patients – only those patients whose information was in the affected email accounts,” the release said.

“We are taking this matter very seriously,” InterMed CEO Dan McCormack said in the statement. “… We are accelerating plans already underway to strengthen our security. The health and safety of our patients – including the safety of patient data – is our top priority.

“InterMed is absolutely committed to patient privacy and protecting individuals’ data.”

Lamb said InterMed is not aware of any patients reporting that their information was being misused.


Mark Monnin, a cybersecurity expert at the University of Southern Maine, said investigating a breach can be time-consuming because investigators do not know – at the onset – how sophisticated the hackers are. He said it could be an individual doing a “crime of opportunity,” organized crime or even foreign hackers.

Monnin said after the breach is discovered and becomes public, the hacker often will not use the information for months or longer, knowing that those who were potential victims are being more vigilant about identity theft.

In Maine, people can lock or unlock their credit profile for free by going to the Consumer Credit Protection page on the Department of Professional & Financial Regulation website.

The breach at Intermed comes on the heels of a similar hack at Sweetser, a Saco-based mental health nonprofit, that affected 22,000 current and former clients. That breach occurred over the summer and was made public on Oct. 25.

InterMed has established a call center to answer any questions individuals may have about the incident. Patients with questions can call toll-free at 1-855-946-0129, Monday through Friday between 9 a.m. and 6:30 p.m.

InterMed said it is offering free credit monitoring and identity protection services to any patient whose Social Security number was contained in the email accounts. The company also recommends that affected patients review statements from their health insurers or healthcare providers. If they see charges for services not received, they should contact the insurer or provider immediately, the release said.


Related Headlines

Only subscribers are eligible to post comments. Please subscribe or login first for digital access. Here’s why.

Use the form below to reset your password. When you've submitted your account email, we will send an email with a reset code.