MORRISTOWN, N.J., May 23, 2024
/PRNewswire/ -- Affiliated Dermatologists (AD) is providing an
update to its May 3 notice of a
recent data security incident. At this time, AD is not aware of any
misuse of any personal information in connection with this
incident.
What Happened?
On March 5, 2024, AD detected it
was the target of a cybersecurity attack whereby an unauthorized
third party gained access and left a ransom note on AD's network.
Upon discovery of this incident, AD immediately disconnected access
to the network, alerted its third-party IT provider, and engaged
specialized cybersecurity professionals to conduct a forensic
investigation into the nature and scope of the incident.
On April 10, 2024, AD's
investigation determined that between March
2, 2024 and March 5, 2024, the
unauthorized actor obtained access to certain systems and copied
data from AD's network, including the personal information of AD
patients and employees.
What Information Was Impacted?
AD's investigation has determined that the unauthorized actor
may have accessed the following categories of information:
- For patients: name, date of birth, mailing address, social
security number, medical treatment information, and health
insurance claims information.
- For employees: name, date of birth, mailing address, social
security number, driver's license number, and passport number.
The information involved varies for each individual, and not
every category applies in each individual case.
AD mailed personalized notification letters to the affected
individuals on May 23 that detail the
specific categories of information that apply in each individual's
case.
What Remediation Measures Were Taken?
AD takes the privacy and security of personal information
seriously. Since the discovery of the incident, AD has taken steps
to further enhance its network security, including implementation
of 24-7 network security monitoring, multi-factor authentication
for all remote access, and password resets for all accounts on the
network.
AD is offering free credit monitoring and identity theft
protection services to all potentially-affected individuals. On
May 23, AD mailed personalized
notification letters to the affected individuals that provide
instructions on how to enroll in those services.
What Steps Can Individuals Take?
AD encourages everyone to remain vigilant against incidents of
identity theft by reviewing their account statements and monitoring
their credit reports for any suspicious activity. Individuals can
obtain free copies of their credit reports from the major credit
bureaus.
View original
content:https://www.prnewswire.com/news-releases/affiliated-dermatologists-notifies-of-data-security-incident-302153248.html
SOURCE Affiliated Dermatologists and Dermatologic Surgeons,
P.A.