Brother
Professional
- Messages
- 2,590
- Reaction score
- 490
- Points
- 83
What is a prestigious medical center going to do to make amends to its clients?
On December 4, 2023, the American medical center "Neurosurgical Associates of New Jersey" announced a security breach, during which an unauthorized attacker gained access to the email of one of the company's employees, and then allegedly unloaded confidential patient data from the organization's system.
The exact number of victims was not disclosed, but there are probably thousands of them, given that the medical center operates 11 clinics throughout the state of New Jersey and generates about $ 7.5 million in revenue annually.
Affected information includes names, addresses, social security numbers, health insurance policy numbers, medical card numbers, patient account numbers, medical history, and complete treatment information.
According to the data provided, on October 4, 2023, 2 months before the public disclosure of the incident, the company detected suspicious activity in the corporate electronic account. In response, measures were taken to ensure the security of the system and an investigation was launched in cooperation with third-party cybersecurity specialists.
"During the investigation, we were unable to reliably determine whether any information was obtained from the compromised account. As a precaution, we decided to review all documents that were present in this account at the time of unauthorized access."
All patients at the medical center whose data was accessed from a compromised account have already been notified via email of any potential risks.
On the incident page, the company recommended that victims carefully monitor their financial transactions, as well as visit the FTC website with recommendations that can protect against identity theft.
The company itself says that it has done everything possible to prevent similar incidents in the future, including conducting a global password reset and implementing multi-factor authentication.
In addition, the company will provide free credit monitoring and other related services to all customers who actually encounter malicious use of their data.
On December 4, 2023, the American medical center "Neurosurgical Associates of New Jersey" announced a security breach, during which an unauthorized attacker gained access to the email of one of the company's employees, and then allegedly unloaded confidential patient data from the organization's system.
The exact number of victims was not disclosed, but there are probably thousands of them, given that the medical center operates 11 clinics throughout the state of New Jersey and generates about $ 7.5 million in revenue annually.
Affected information includes names, addresses, social security numbers, health insurance policy numbers, medical card numbers, patient account numbers, medical history, and complete treatment information.
According to the data provided, on October 4, 2023, 2 months before the public disclosure of the incident, the company detected suspicious activity in the corporate electronic account. In response, measures were taken to ensure the security of the system and an investigation was launched in cooperation with third-party cybersecurity specialists.
"During the investigation, we were unable to reliably determine whether any information was obtained from the compromised account. As a precaution, we decided to review all documents that were present in this account at the time of unauthorized access."
All patients at the medical center whose data was accessed from a compromised account have already been notified via email of any potential risks.
On the incident page, the company recommended that victims carefully monitor their financial transactions, as well as visit the FTC website with recommendations that can protect against identity theft.
The company itself says that it has done everything possible to prevent similar incidents in the future, including conducting a global password reset and implementing multi-factor authentication.
In addition, the company will provide free credit monitoring and other related services to all customers who actually encounter malicious use of their data.
