BRSI Data Breach Impacts 274K Patients


The personal data of over 274,000 patients has been compromised following a malicious hack perpetrated against the Benefit Recovery Specialists (BRSI) last Monday, July 13.

Several healthcare providers and payers who are utilizing BRSI’s billing and collection services were notified of a data breach after a hacker obtained employee credentials. According to reports, the hacker was able to deploy malware to the system, resulting in the breach.


The Houston-based company discovered the attack after detecting the installation of malware to its systems. This malware allowed an unauthorized user to view, and obtain the personal information of a protected profile of 274,000 people.

BRSI Data Breach

Officials reported that the data breach incident happened on April 30. They’ve taken all systems offline to remove the malware and assess the scope of the data breach, and the security of the systems.


Immediately, an investigation was conducted with the assistance of third-party cybersecurity specialists, which ended on May 29. According to the report, the hacker gained customer files for ten days, between April 20 and April 30.

This incident is considered the fourth-largest reported breach in the healthcare sector this 2020, impacting almost a quarter of a million individuals in the United States. The BRSI provides the billing and collection services for healthcare providers and payers.

BRSI revealed that personal information compromised due to the malware include the current or former members of healthcare plans and the healthcare providers. From names, date of birth, date of service, policy identification numbers, procedure codes, and diagnosis codes were exposed.

The billing company added that ‘a small number of individuals’ have their Social Security numbers compromised due to the breach.

BRSI began notifying customers around June 2, after the investigation was finalized.

The company released a statement saying, “While BRSI is unaware of any misuse of personal information impacted by this event, individuals are encouraged to remain vigilant against incidents of identity theft by reviewing account statements and report any suspicious activity immediately.”

Throughout the pandemic, many hackers are taking advantage of the work-from-home set up to obtain access to the enterprise network. The BRSI confirmed that the hacker stole an employee credential to enter the system and obtain customer information.

Cybersecurity experts said a number of phishing attempts could easily obtain the access of employees. Password reuse is a major factor in these attacks, as employees use the same password for work and personal accounts.