Posted On March 29, 2023 Consumer Privacy & Data Breaches
March 29, 2023 – Associates in Dermatology (AID) reported a data breach to the Office for Civil Rights of the U.S. Department of Health and Human Services on March 17, 2023. It appears that this was caused by a ransomware attack on Virtual Private Network Solutions, LLC (“VPN Solutions”), an AID provider that offers the business software for managing electronic health records. According to third-party sources, the issue resulted in illegal access to consumers’ names, birth dates, addresses, protected health information, and Social Security numbers.
The data breach lawyers at Console & Associates, P.C. are actively investigating the Associates in Dermatology and Virtual Private Network Solutions, LLC data breach. If you have received a breach notification and are interested in knowing about the dangers of identity theft and what you can do to protect yourself, we are providing free consultations where we can discuss your legal options for receiving recompense from the company.
A provider of healthcare is Associates in Dermatology. Associates in Dermatology is a healthcare practice headquartered in Hampton, Virginia, and 11 locations, Audubon, Fern Creek, Shelbyville, Bardstown, Lebanon, Leitchfield, Elizabethtown, Clarksville, Campbellsville, and three in Kentucky. The company operates a clinic in New Albany, Indiana. Since its founding in 2017, Associates in Dermatology has grown to a staff of over 40 individuals, including 18 doctors.
According to the company’s filing with the U.S. Department of Health and Human Services Office for Civil Rights, as well as press articles covering the incident, around October 31, 2021, VPN Solutions learned about a computer system-related data security issue. In response, the business opened an inquiry into the incident in an effort to learn more about it and determine whether any private customer information was compromised. Early reports from VPN Solutions to AID claimed that the ransomware incident had not impacted any patient data.
VPN was able to ascertain that the unauthorized third party was able to access specific files on the company’s network that held private customer information through a ransomware attack. VPN then notified AID on January 17, 2023, that patient data had been compromised as a result of the incident.
Associates in Dermatology started looking over the affected files as soon as they learned that private consumer information had been exposed to an unauthorized entity in order to ascertain what information had been leaked. By March 10, 2023, AID learned that consumers’ names, birth dates, addresses, protected health information, and Social Security numbers might have been compromised, although the specifics depend on the individual.
As a result of the current data security incident, Associates in Dermatology sent data breach notification letters to every person whose information was exposed on March 17, 2023.
A ransomware attack is a cyberattack that includes hackers installing malicious software on a company’s computer network. Malware is a type of computer program that encrypts data and prevents a business from accessing its own network. Files are encrypted when they are encoded to make them inaccessible to those without the tools to decode them.
The “ransom” component is introduced when the hackers demand money from the business in order to release the files. If the fee is made, the files will be decrypted, and the attack will stop.
Lately, hackers have grown more malicious with their threats. The motivation to pay the ransom is significantly lessened if a business has backup copies of its data. So, hackers have started to implement a technique called “double extortion.” If the company doesn’t pay, they encrypt the files and threaten to publish them on the dark web, where anyone could use the data to commit fraud and identity theft.
Ransomware attacks are preventable if data security systems are up-to-date and maintained well. Hackers take advantage of outdated technology by looking for and taking advantage of flaws. If technology is up to date, companies can detect and prevent attacks before they happen.
The consumer privacy lawyers at Console & Associates, P.C. help customers affected by data and security breaches pursue legal solutions by offering free consultations. By explaining your rights in clear, concise terms, we help you make an informed decision about your next steps. If you are a victim of the Associates in Dermatology data breach, Console & Associates, P.C. will investigate at no charge to you and offer advice on how to proceed. If you decide to pursue a case, rest assured that we don’t get paid unless you do. If your claim is successful, legal fees are either paid out of the funds recovered or by the defendant. If your claim is not successful, you pay nothing.
To schedule your free consultation, just call (866) 778-5500 today or fill out our secure contact form.