25% off all training courses Offer ends May 8, 2026
View HIPAA Courses
Learner Login Learner Support
Learner Login Learner Support
25% off all training courses
View HIPAA Courses
Offer ends May 8, 2026

The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

Debt Collection Agency Data Breach Affects 345,523 Individuals

Posted By on May 18, 2023

R&B Corporation of Virginia, doing business as Credit Control Corporation (CCC), has recently reported a data breach to the HHS’ Office for Civil Rights that has affected 345,523 individuals. CCC is a debt collection agency and business associate of many hospitals and doctor’s offices. The Newport News, VA-based debt collection agency said it detected suspicious activity within its computer systems on March 7, 2023. Its IT systems were immediately isolated, and a forensic investigation was conducted to determine the nature and scope of the activity. On or around March 14, 2023, CCC determined that unauthorized individuals had accessed its systems and copied files that contained sensitive data. The intrusion was determined to have occurred from March 2, 2023, to March 7, 2023.

An initial review of the compromised files was completed on May 3, 2023, which confirmed that the files contained information such as names, addresses, and Social Security numbers. Affected individuals were notified by mail on May 15, 2023. Complimentary credit monitoring services have been offered to affected individuals. CCC said it regularly reviews its data security policies, procedures, and practices and will continue to do so, has augmented its security safeguards to better protect patient data, and has increased the frequency of employee training on the importance of safeguarding data.

Healthcare providers known to have been affected by the breach include:

  • Atlantic Orthopaedic Specialists
  • Bayview Physicians Group
  • Chesapeake Radiology
  • Chesapeake Regional Medical Center
  • Children’s Hospital of the King’s Daughters Health System and its Affiliates
  • Children’s Specialty Group
  • Dominion Pathology Laboratories
  • Emergency Physicians of Tidewater
  • Mary Washington Healthcare
  • Medical Center Radiology
  • Pariser Dermatology Specialists, Inc
  • Riverside Health System
  • Sentara Health System
  • Tidewater Physicians Multispecialty Group
  • UVA Health System
  • Valley Health System
  • VCU Health System

Author: Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist