JDC Management Healthcare in Dallas, Texas, says it has become aware of suspicious activity related to a JDC email account.
Upon discovery of the intrusive behaviour, JDC says it immediately opened an investigation with the aid of forensic investigators to determine the nature and scope of the activity.
On December 10, 2019, JDC’s investigation determined that there had been unauthorized access to the JDC email account between July 21, 2019 and August 26, 2019, which contained information related to certain patients. Although JDC says it has no evidence of actual access or misuse of information as a result of this incident, a notice to potential victims has been issued.
The investigation found that data potential compromised through the affected email account includes: names, addresses, dates of birth, medical treatment information and histories, health insurance documents and payment information, as well as patient numbers, and medical record numbers. The organisation has underlined that no social security numbers were affected by the incident.
JDC officials say the organisation commenced an investigation to confirm the nature and scope of the incident, as soon as the incident was discovered. JDC has also said it is taking steps to implement additional safeguards and review policies and procedures relating to data privacy and security. Regulators have been notified, the organisation says, including the U.S. Department of Health and Human Services and certain state regulators.
JDC also encourages those individuals impacted by this event to remain vigilant against incidents of identity theft and fraud by reviewing accounts, explanations of benefits, and credit reports for suspicious activity and reporting any suspicious activity to the affiliated institutions immediately. Potentially affected individuals are also being offered access to complimentary credit monitoring and identity protection services. Additional steps an individual can take to better protect against misuse of their information should they feel it is appropriate to do so include:
- Monitoring financial statements and explanation of benefits carefully.
- Placing a fraud alert on credit files.
- Placing a security freeze on credit files.
- Contacting the Federal Trade Commission and the relevant state Attorney General to learn more about identity theft, fraud alerts, security freezes, and other steps one can take to self-protect.
- Reporting incidents of suspected or actual identity theft or fraud to law enforcement, the Federal Trade Commission, and the state Attorney General.
The post #Privacy: Healthcare management data breach in US announced appeared first on PrivSec Report.