Philips Respironics notice of privacy matter

Patients using Philips Respironics sleep and respiratory devices may have been affected by a data breach that occurred at Philips Respironics (“Philips”). Philips is notifying affected individuals directly of the incident described below. If you have questions, contact Philips at 1-888-541-7970, Monday through Friday, 9 a.m. to 9 p.m. Eastern time.

What Happened?

Philips experienced a cybersecurity incident involving its use of a file transfer tool referred to as MOVEit. The software MOVEit Transfer is widely used by organizations to transfer files and contained a vulnerability allowing it to be exploited. This incident is specific to Philips and did not involve Kaiser Permanente’s IT systems.

The investigation performed by Philips revealed that information was accessed by unauthorized actors on May 31, 2023, due to the vulnerability in MOVEit Transfer software. The affected personal information may have included names, contact information, dates of birth, medical information relating to sleep and respiratory care, and health insurance information. The investigation determined that financial information such as social security numbers or credit card information was not included in this incident. After gathering all relevant information, Philips informed Kaiser Permanente of the event on December 20, 2023.

Philips notified affected individuals for whom it had current contact information and arranged to provide identity protection services including credit monitoring at no charge to affected individuals. Individuals who did not receive notification but believe their information may have been affected can call Philips 1-888-541-7970, Monday through Friday, 9 a.m. to 9 p.m. Eastern time.