FRANKFURT, Dec 6 (Reuters) – Dialysis group Fresenius Medical Care (FMEG.DE) said on Wednesday that data including medical records on 500,000 patients and former patients were stolen from a U.S. subsidiary’s data warehouse.
“The incident may have affected approximately 500,000 patients, former patients, guarantors and 200 staff located across several states, U.S. territories and four countries,” the German company said in a statement.
It said it launched an investigation with the help of a forensic firm after subsidiary Cardiovascular Consultants Ltd on Sept. 29 became aware of a security incident affecting some of its U.S. computer systems and an intruder claimed to have stolen data.
“The investigation has determined that specific systems were accessed and data were encrypted and stolen by the intruder,” it added.
Fresenius Medical said it does not expect the incident to have a material impact on its finances and operations but potential future litigation and potential reputational damage would have to be considered.0