Posted On May 17, 2023 Consumer Privacy & Data Breaches
May 17 – Asian Health Services (AHS) notified the California Attorney General’s office of a data breach on May 5, 2023, after discovering that sensitive patient information had been stolen due to the hacking of an employee email account. According to the company’s report, the event led to the disclosure of consumers’ names, protected health information, medical record numbers, phone numbers, and birth dates. After it was determined that confidential information had been compromised, AHS immediately started notifying those who had been affected by sending letters.
You should know what’s at stake if a data breach notice has been sent to you. Console & Associates, P.C.’s data breach lawyers for data breaches are now looking into the hack at Asian Health Services. We are offering complimentary consultations to anybody whose personal information was compromised as part of this investigation and who has questions regarding the likelihood of identity theft, preventative measures they may take, and potential legal recourse they may have against AHS.
Asian Health Assistance is a not-for-profit organization that serves people of various backgrounds by providing them with medical attention, social services, and advocacy irrespective of their income, language spoken, immigration status, culture, or insurance coverage. AHS has its headquarters in San Leandro, California, and its clinics can be found all around San Leandro and Oakland. Asian Health Services began in 1974, and it today employs over 325 people and makes over $59 million in income per year.
The report with the California Attorney General’s office states that on February 13, 2023, AHS discovered suspicious behavior in an internal email account. In response, AHS took precautions to protect the compromised email account and initiated an investigation with the help of outside data security experts.
Based on its findings, AHS has determined that between February 7, 2023 and February 13, 2023, an unauthorized third party accessed the email account of an employee. On April 5, 2023, AHS found out that sensitive patient data was available in some of the files accessed by the hacker.
After learning that private consumer information had fallen into the wrong hands, Asian Health Services launched a thorough investigation of the compromised files to ascertain what data had been exposed and how many individuals had been affected. Your name, protected health information, medical record number, phone number, and date of birth may have been compromised, albeit the specific data compromised may vary from person to person.
Asian Health Services sent notification letters to those whose personal data was compromised on May 5, 2023.
With the massive amount of data stolen in the Asian Health Services data breach, hackers may perform a broad variety of crimes. They are at liberty to do any number of criminal acts or to profit from doing so by selling this information to others on the dark web. The information obtained in the cyberattack is quite versatile in terms of the damage it may inflict as identity theft and fraud increase in the United States.
Accounts and credit cards might be fraudulently charged in the event of a data breach. Someone using your identity might potentially apply for additional lines of credit and loans. Credit card applications require just the most fundamental pieces of personal information, such as names, Social Security numbers, and dates of birth.
It’s not only financial identity theft that hackers may use your data for. Identity theft in the medical field is possible as well. If they gain access to all of your protected health information, they may get medical treatment in your name and rack up huge bills for it. Your medical records might be at risk if they include false information about your medical history or the drugs you use.
The consumer privacy lawyers at Console & Associates, P.C. help customers affected by data and security breaches pursue legal solutions by offering free consultations. By explaining your rights in clear, concise terms, we help you make an informed decision about your next steps. If you are a victim of the Asian Health Services data breach, Console & Associates, P.C. will investigate at no charge to you and offer advice on how to proceed. If you decide to pursue a case, rest assured that we don’t get paid unless you do. If your claim is successful, legal fees are either paid out of the funds recovered or by the defendant. If your claim is not successful, you pay nothing.
Below is a portion of the notice posted on their website:
Asian Health Services (“AHS”) has been and will be notifying patients of a recently discovered data security incident. On February 13, 2023, AHS discovered suspicious activity in one of our employee’s email accounts. We took steps to secure the email account and launched an investigation with the assistance of third-party experts. We determined that an unauthorized person may have had access to the email account sometime between February 7, 2023, and February 13, 2023. On April 5, 2023, based on the investigation, we confirmed that patient information was included in the AHS email account that was accessed by the unauthorized person. Upon analyzing the contents of the affected email account, it was determined that the email account contained information such as names, medical record numbers, dates of birth, phone numbers and/or health information (including diagnoses). Social security numbers and financial information were not included in the email account.
While AHS does not have evidence that any information contained in the email account was used for fraudulent purposes, AHS is unable to conclusively rule out the possibility that personal information was compromised. As such, AHS mailed notification letters to those patients who may have been affected by this incident. AHS is offering affected adults credit monitoring and affected minors cyber monitoring. These services provide alerts for 12 months from the date of enrollment. These services will be provided by Cyberscout through Identity Force, a TransUnion company specializing in fraud assistance and remediation services. AHS encourages affected individuals to remain vigilant, to continually review credit reports, bank account activity, and bank statements for irregularities or unauthorized items, and to immediately report any unauthorized charges to your financial institutions. The security experts hired to investigate this incident have assured AHS that the unauthorized person is no longer able to access our email system. AHS also reported this incident to law enforcement. Furthermore, additional email system safeguards have been implemented. We are continuously exploring ways to further strengthen the security of information in our computer and emails systems. We are also implementing a new layer of protection on all of our systems.
Asian Health Services takes its patients’ privacy and the security of information very seriously. Please contact us if we can answer questions about this event.