The Dalles, OR – August 19, 2023 – Mid-Columbia Center for Living (“MCCFL”) announced today that it will be notifying certain current and former clients that their personal information may have been accessed as part of a business email compromise. MCCFL takes the privacy and security of information in its possession very seriously and sincerely apologizes for any inconvenience this incident may cause. This notice is intended to alert potentially impacted individuals of the incident, steps we are taking in response, and resources available to assist and protect individuals.
What Happened
MCCFL detected suspicious activity within an employee’s business email account on January 24, 2024. Upon detecting the suspicious activity, MCCFL immediately secured the email environment by disabling the account and resetting passwords. We then engaged third-party forensic specialists to investigate the incident to determine the extent of any unauthorized activity. The forensic investigation determined that an unauthorized third party may have acquired data from the email environment as a result of this incident. After conducting extensive electronic discovery, which was completed on Aug. 1, we determined that the unauthorized third party may have acquired certain personal information as a result of this incident. MCCFL is providing written notice to all impacted individuals. As of this writing, MCCFL has not received any reports of misuse of information and/or related identity theft since the date the incident was discovered (Jan. 24, 2024, to present).
What Information Was Involved
Again, we found no evidence that patient information has been specifically misused. However, the following information was potentially exposed to an unauthorized third party: first name, last name, address, patient ID number, medical record number, Social Security number, treating physician, treatment information, treatment dates, diagnoses/conditions, Medicaid number, and health insurance information. Notably, the types of information affected were different for each individual, and not every individual had all the above listed elements exposed.
What We Are Doing
Data security is one of our highest priorities. Upon detecting this incident we moved quickly to initiate a response, which included conducting an investigation with the assistance of IT specialists and confirming the security of our email environment. We have also reviewed and enhanced our technical safeguards to prevent a similar incident.
The notification letter to the potentially impacted individuals includes steps that they can take to protect their information. In order to address any concerns and mitigate any exposure or risk of harm following this incident, MCCFL has arranged for complimentary credit monitoring services and identity theft protection services to all potentially impacted individuals at no cost to them for a period of twelve months. MCCFL recommends that individuals enroll in the services provided and follow the recommendations contained within the notification letter to ensure their information is protected.
For More Information
For individuals seeking more information or questions about this incident, call 866-778-9624, Monday through Friday, 6 a.m. to 3 p.m., excluding holidays.
Thank you for entrusting MCCFL with your healthcare needs. We value the security of the personal data that we maintain, and understand the frustration, concern, and inconvenience that this incident may have caused. We look forward to continuing to provide high quality care to you, your family, and the MCCFL community.
Commented
Sorry, there are no recent results for popular commented articles.