Notice of Data Security Incident
Updated: June 27, 2025
Horizon Healthcare RCM (“Horizon”) assists healthcare providers with revenue management related to patient healthcare services. We are providing notice about a matter that may affect the privacy of certain patient information. This is to ensure patients are aware of this matter, and to provide them with guidance on how to safeguard their information, should they feel it is appropriate to do so.
What Happened?
On December 27, 2024, we learned that a computer virus was used to lock access to some files stored on our computer network. In response, we securely restored our systems and took steps to determine what occurred. During our investigation of this matter, we identified that files on certain systems were likely copied without permission between December 26 and 27. To ensure we could properly notify patients whose information was in the copied files, including the types of information contained within the files, we undertook an intensive review of those files, which concluded on May 20, 2025. Horizon is sending direct notices to patients where contact information is available. However, in certain circumstances, there is insufficient information available to identify and contact patients. This notice is to assist patients that could not be directly notified.
What Information Was Involved?
For patients who could not be directly notified, the types of information involved with this matter varied by individual. The most common types of information were an internal Horizon number, customer number, or other patient identifier in conjunction with general health insurance claims processing information. In some circumstances, a Medical Record Number was identified with the claims processing information.
In a small number of instances, non-address contact information, date of birth, Social Security number, driver’s license number, passport number, payment card information, or checking or financial account information were identified.
Please note that we have no indication of an individual experiencing verified identity theft as a result of this incident. Additionally, we arranged for the party responsible for this matter to delete the copied information. Whether individuals wish to take any steps in response to this matter is a personal decision. For patients with general claims processing information involved, they may consider monitoring their health insurance for unexpected claims information. Additionally, individuals may utilize the free resources and guidance in the “Steps Individuals Can Take To Protect Personal Information” section below. If individuals have additional questions, they may refer to the “Frequently Asked Questions” section below, or contact our toll-free assistance line at 1-866-819-2084.
Why Does Horizon Have Patient Information?
Horizon is a revenue-cycle management company providing hospitals, health systems, and medical centers with accounts receivable and revenue reporting services. We receive patient information in connection with healthcare claims processing.
What We Are Doing?
Horizon is providing this notice to ensure patients that could not be directly notified are aware of this matter, so they may take steps to help safeguard their information, should they feel it appropriate to do so. We are also providing free resources and guidance in the “Steps Individuals Can Take To Protect Personal Information” section below. While no safeguards can fully prevent all cybersecurity attacks, we also implemented additional technical measures and processes to further enhance the company’s security.
What Individuals Can Do.
To the extent relevant information is involved, we encourage individuals to remain vigilant against incidents of identity theft and fraud by reviewing account statements and monitoring their free credit reports for suspicious activity and to detect errors. We also recommend individuals review the “Steps Individuals Can Take To Protect Personal Information” and “Frequently Asked Questions” sections below. As referenced above, for patients with general claims processing information involved, they may consider monitoring their health insurance for unexpected claims information.
For More Information.
If individuals have questions about this matter, they may contact our toll-free assistance line at 1-866-819-2084. Individuals may also write to Horizon at Horizon Healthcare RCM, Attn: Compliance, 9980 Georgia St, Crown Point, IN 46307.
We are committed to maintaining the security of information in our care and confidence in our services. We thank you for your patience and understanding.
Sincerely,
Horizon Healthcare RCM
Frequently Asked Questions
What happened? On December 27, 2024, we learned that a computer virus was used to lock access to some files stored on our computer network. In response, we securely restored our systems and took steps to determine what occurred. During our investigation of this matter, we identified that files on certain systems were copied without permission. We arranged for the party responsible for this matter to delete the copied information and are sending notices directly to patients where possible.
Was this a ransomware event? Yes, some files were temporarily locked by a computer virus.
What information was potentially affected? For patients who could not be directly notified, the types of information involved with this matter varied by individual. The most common types of information were an internal Horizon number, customer number, or other patient identifier in conjunction with general health insurance claims processing information. In some circumstances, a Medical Record Number was identified.
In a small number of instances, non-address contact information, date of birth, Social Security number, driver’s license number, passport number, payment card information, or checking or financial account information were identified.
Has Horizon learned of any instances of identity theft or fraud involving this matter? Horizon has no indication of an individual experiencing verified identity theft or fraud as a result of this incident.
What should I do if I think my information was affected? Horizon is sending notification letters to patients whose information was involved with this matter. For certain patients, there is insufficient information available to directly notify them. As referenced above, the types of information involved for patients that could not be directly identified was internal reference numbers and general claims processing information. If there are concerns, individuals may consider monitoring their health insurance for unexpected claims information. For a small group of patients (under 500) that have Social Security or government identification numbers, payment card numbers or checking/financial account information involved, they may consider referencing the free resources and guidance in the “Steps Individuals Can Take To Protect Personal Information” section below.
Why does Horizon have patient information? Horizon is a revenue-cycle management company providing hospitals, health systems, and medical centers with accounts receivable and revenue reporting services. We receive patient information in connection with healthcare claims processing.
Why did it take so long to finish sending notices? When incidents like this happen to healthcare entities, they are required by federal and state regulations to complete an investigation. Technical investigations are very complex and they take time to complete. After the technical investigation is complete, regulations require healthcare and healthcare-adjacent entities to identify the individuals affected, and to also tell those individuals the specific type of information about them that was in the involved files. To follow these legal regulations, Horizon had to catalogue the files so that it could properly notify individuals.
Was law enforcement notified? Federal law enforcement was notified of this event.
Is the computer network safe? Yes, the computer network was securely restored.
Can I contact someone directly at Horizon to ask more questions about this matter? Individuals may contact Horizon’s toll-free assistance line at 1-866-819-2084. Individuals may also write to Horizon at Horizon Healthcare RCM, Attn: Compliance, 9980 Georgia St, Crown Point, IN 46307.
STEPS INDIVIDUALS CAN TAKE TO PROTECT PERSONAL INFORMATION
Monitor Relevant Accounts
Under U.S. law, a consumer is entitled to one free credit report annually from each of the three major credit reporting bureaus, Equifax, Experian, and TransUnion. To order a free credit report, visit www.annualcreditreport.com or call, toll-free, 1-877-322-8228. Consumers may also directly contact the three major credit reporting bureaus listed below to request a free copy of their credit report.
Consumers have the right to place an initial or extended “fraud alert” on a credit file at no cost. An initial fraud alert is a 1-year alert that is placed on a consumer’s credit file. Upon seeing a fraud alert display on a consumer’s credit file, a business is required to take steps to verify the consumer’s identity before extending new credit. If consumers are the victim of identity theft, they are entitled to an extended fraud alert, which is a fraud alert lasting seven years. Should consumers wish to place a fraud alert, please contact any of the three major credit reporting bureaus listed below.
As an alternative to a fraud alert, consumers have the right to place a “credit freeze” on a credit report, which will prohibit a credit bureau from releasing information in the credit report without the consumer’s express authorization. The credit freeze is designed to prevent credit, loans, and services from being approved in a consumer’s name without consent. However, consumers should be aware that using a credit freeze to take control over who gets access to the personal and financial information in their credit report may delay, interfere with, or prohibit the timely approval of any subsequent request or application they make regarding a new loan, credit, mortgage, or any other account involving the extension of credit. Pursuant to federal law, consumers cannot be charged to place or lift a credit freeze on their credit report. To request a credit freeze, individuals may need to provide some or all of the following information:
- Full name (including middle initial as well as Jr., Sr., II, III, etc.);
- Social Security number;
- Date of birth;
- Addresses for the prior two to five years;
- Proof of current address, such as a current utility bill or telephone bill;
- A legible photocopy of a government-issued identification card (state driver’s license or ID card, etc.); and
- A copy of either the police report, investigative report, or complaint to a law enforcement agency concerning identity theft if they are a victim of identity theft.
Should consumers wish to place a credit freeze or fraud alert, please contact the three major credit reporting bureaus listed below:
Equifax—www.equifax.com; 1-888-298-0045; and P.O. Box 105788 Atlanta, GA 30348-5788
Experian—www.experian.com; 1-888-397-3742; and P.O. Box 9554, Allen, TX 75013
TransUnion—www.transunion.com; 1-800-916-8800; and P.O. Box 160, Woodlyn, PA 19094
For loved ones that may have recently passed, individuals may also place a “deceased – do not issue credit” flag on the loved one’s credit file. Only one consumer reporting bureau needs to be notified, and it will notify the other two major consumer reporting bureaus. Individuals may complete this process using the information provided by the credit bureaus at the below websites:
Equifax: https://www.equifax.com/personal/help/article-list/-/h/a/relative-death-contact-credit-bureaus
Experian: https://www.experian.com/blogs/ask-experian/reporting-death-of-relative/
TransUnion: https://www.transunion.com/blog/credit-advice/reporting-a-death-to-tu
Additional Information
Consumers may further educate themselves regarding identity theft, fraud alerts, credit freezes, and the steps they can take to protect their personal information by contacting the consumer reporting bureaus, the Federal Trade Commission, or their state Attorney General. The Federal Trade Commission may be reached at: 600 Pennsylvania Avenue NW, Washington, DC 20580; www.identitytheft.gov; 1-877-ID-THEFT (1-877-438-4338); and TTY: 1-866-653-4261. The Federal Trade Commission also encourages those who discover that their information has been misused to file a complaint with them. Consumers can obtain further information on how to file such a complaint by way of the contact information listed above. Consumers have the right to file a police report if they ever experience identity theft or fraud. Please note that in order to file a report with law enforcement for identity theft, consumers will likely need to provide some proof that they have been a victim. Instances of known or suspected identity theft should also be reported to law enforcement. This notice has not been delayed by law enforcement.
For District of Columbia residents, the District of Columbia Attorney General may be contacted at: 400 6th Street, NW, Washington, DC 20001; 1-202-442-9828; and oag.dc.gov.
For Maryland residents, the Maryland Attorney General may be contacted at: 200 St. Paul Place, 16th Floor, Baltimore, MD 21202; 1-410-576-6300 or 1-888-743-0023; and https://www.marylandattorneygeneral.gov/. Horizon Healthcare RCM may also be contacted at 1-877-794-1003.
For New Mexico residents, consumers have rights pursuant to the Fair Credit Reporting Act, such as the right to be told if information in their credit file has been used against them, the right to know what is in their credit file, the right to ask for their credit score, and the right to dispute incomplete or inaccurate information. Further, pursuant to the Fair Credit Reporting Act, the consumer reporting bureaus must correct or delete inaccurate, incomplete, or unverifiable information; consumer reporting agencies may not report outdated negative information; access to consumers’ files is limited; consumers must give consent for credit reports to be provided to employers; consumers may limit “prescreened” offers of credit and insurance based on information in their credit report; and consumers may seek damages from violators. Consumers may have additional rights under the Fair Credit Reporting Act not summarized here. Identity theft victims and active-duty military personnel have specific additional rights pursuant to the Fair Credit Reporting Act. We encourage consumers to review their rights pursuant to the Fair Credit Reporting Act by visiting www.consumerfinance.gov/f/201504_cfpb_summary_your-rights-under-fcra.pdf, or by writing Consumer Response Center, Room 130-A, Federal Trade Commission, 600 Pennsylvania Ave NW, Washington, DC 20580.
For New York residents, the New York Attorney General may be contacted at: Office of the Attorney General, The Capitol, Albany, NY 12224-0341; 1-800-771-7755; or https://ag.ny.gov.
For North Carolina residents, the North Carolina Attorney General may be contacted at: 9001 Mail Service Center, Raleigh, NC 27699-9001; 1-877-566-7226 or 1-919-716-6000; and www.ncdoj.gov.
For Rhode Island residents, the Rhode Island Attorney General may be contacted at: 150 South Main Street, Providence, RI 02903; 1-401-274-4400; and www.riag.ri.gov. Under Rhode Island law, individuals have the right to obtain any police report filed in regard to this event.
STEPS INDIVIDUALS CAN TAKE TO PROTECT THEIR MINOR DEPENDENTS’ PERSONAL INFORMATION
Monitor Relevant Accounts
Typically, credit reporting agencies do not have a credit report in a minor’s name. To find out if your minor dependent has a credit report or to request a manual search for your minor dependent’s Social Security number, each credit bureau has its own process. To learn more about these processes or request these services, you may contact the credit bureaus by phone or in writing or you may visit or contact the below credit bureaus.
Equifax— https://www.equifax.com/personal/education/identity-theft/articles/-/learn/child-identity-theft/; 1-888-298-0045; and P.O. Box 105788 Atlanta, GA 30348-5788
Experian— https://www.experian.com/help/minor-request.html; 1-888-397-3742; and P.O. Box 9554, Allen, TX 75013
TransUnion— https://www.transunion.com/fraud-victim-resources; 1-800-916-8800; and P.O. Box 160, Woodlyn, PA 19094
To request information about the existence of a credit file in your minor dependent’s name, search for your dependent’s Social Security number, place a security freeze on your dependent’s credit file, place a fraud alert on your dependent’s credit report (if one exists), or request a copy of your dependent’s credit report you may be required to provide some or all the following information:
- A copy of your driver’s license or another government issued identification card, such as a state identification card, etc.;
- Proof of your address, such as a copy of a bank statement, utility bill, insurance statement, etc.;
- A copy of your minor dependent’s birth certificate;
- A copy of your minor dependent’s Social Security card;
- Your minor dependent’s full name, including middle initial and generation, such as JR, SR, II, III, etc.;
- Your minor dependent’s date of birth; and
- Your minor dependent’s previous addresses for the past two years.
Additional Information
Individuals may further educate themselves regarding identity theft, fraud alerts, credit freezes, and the steps individuals can take to protect personal information by contacting the consumer reporting bureaus, the Federal Trade Commission, or their state Attorney General. The Federal Trade Commission may be reached at: 600 Pennsylvania Avenue NW, Washington, DC 20580; www.identitytheft.gov; 1-877-ID-THEFT (1-877-438-4338); and TTY: 1-866-653-4261. The Federal Trade Commission also encourages those who discover that their information has been misused to file a complaint with them. Individuals can obtain further information on how to file such a complaint by way of the contact information listed above. Individuals and/or their minor dependent have the right to file a police report if their minor dependent ever experiences identity theft or fraud. Please note that in order to file a report with law enforcement for identity theft, individuals or their minor dependent will likely need to provide some proof that their minor dependent has been a victim. Instances of known or suspected identity theft should also be reported to law enforcement.
