Posted On March 29, 2023 Consumer Privacy & Data Breaches
March 29, 2023 – After finding that a third party had broken into encrypted areas of the company’s network and gained access to private patient data, Atlantic General Hospital (or “Atlantic”) filed a notice of data breach with the Attorney General of Maine on March 24, 2023. According to the firm’s official report, the incident led to unauthorized access to customers’ names, dates of birth, driver’s license numbers, financial account information, Social Security numbers, and protected health information, including health insurance information, medical history information, diagnosis information, physicians, medical record numbers, treatment information, and subscriber numbers.
Console & Associates, P.C.’s data breach lawyers are currently looking into the Atlantic data breach. We are offering free consultations to discuss your legal options for receiving compensation from Atlantic General Hospital if you have received a breach notification and are interested in learning about the risks of identity theft and what you can do to protect yourself.
With a location in Berlin, Maryland, Atlantic General Hospital offers various services to people living in Somerset, Worcester, Sussex, and Wicomico Counties. Atlantic also runs more than 30 facilities focusing on pediatrics, women’s health, and primary care. Atlantic General Hospital opened in 1993 and has a workforce of about 940 and an annual income of about $138 million.
The company’s filing with the Attorney General of Maine and a notice on its website state that on January 29, 2023, Atlantic discovered that some files on its computer system were encrypted. Atlantic responded by opening an investigation in an effort to obtain additional details regarding the occurrence. An unauthorized individual was able to access servers on the Atlantic network on January 20, 2023, according to the Atlantic General Hospital investigation. It was discovered that some of the files that the unauthorized individual had access to contained private patient data.
The affected files were examined by Atlantic General Hospital to identify what information was compromised and which customers were impacted after it was discovered that private customer information had been made available to an unauthorized party. Consumers’ names, dates of birth, driver’s license numbers, financial account information, Social Security numbers, and protected health information, including health insurance information, medical history information, diagnosis information, physicians, medical record numbers, treatment information, and subscriber numbers may all have been compromised, though the specifics may vary by individual.
On March 24, 2023, Atlantic General Hospital sent data breach notification letters to all patients whose information was exposed in the recent data leak.
Hackers can carry out a wide range of offenses because of the enormous amount of information that was leaked in the Atlantic General Hospital data breach. They can do any number of them themselves or sell the information they have on the dark web to people who want to do the same thing.
The information gathered during the malware attack can potentially cause a wide range of harm. Hackers may use the information stolen from you to make fraudulent charges on your accounts and credit cards. They can even apply for new cards and loans in your name. Obtaining the data necessary to apply for a credit card is simple and straightforward and includes details such as names, Social Security numbers, and dates of birth, all of which were included in the Atlantic data breach.
Hackers can also use your personal information to do more than just steal your money. They can commit medical identity theft which can leave you with medical bills and inaccurate medical records. All of your confidential health data is vulnerable, which can lead to incorrect medical history or medications being documented.
The consumer privacy lawyers at Console & Associates, P.C. help customers affected by data and security breaches pursue legal solutions by offering free consultations. By explaining your rights in clear, concise terms, we help you make an informed decision about your next steps. If you are a victim of the Atlantic General Hospital data breach, Console & Associates, P.C. will investigate at no charge to you and offer advice on how to proceed. If you decide to pursue a case, rest assured that we don’t get paid unless you do. If your claim is successful, legal fees are either paid out of the funds recovered or by the defendant. If your claim is not successful, you pay nothing.
Below is a portion of the notice posted on their website:
Atlantic General Hospital (“AGH”) is providing notice of an incident that may affect the privacy of personal information. AGH takes this incident seriously. This notice provides details of the incident, our response, and steps individuals may take to better protect against possible misuse of their personal information, should they feel it appropriate to do so.
What Happened? On January 29, 2023, AGH discovered encrypted files on certain computer systems. We immediately launched an investigation, with the assistance of third-party forensic specialists, to determine the nature and scope of the activity. Our investigation determined that there was unauthorized access to certain of our servers beginning on January 20, 2023. Through our investigation, we learned that certain files within our network were subject to unauthorized access during the period of unauthorized access. AGH then undertook a comprehensive review of these files to determine what data was contained within the files and to whom that data relates. On March 6, 2023, AGH determined that the impacted files contained certain information related to patients and/or employees. On March 24, 2023, AGH began mailing letters to potentially impacted individuals. AGH has seen no evidence of misuse of any information related to this incident.
What Information Was Involved? While the specific data elements vary for each potentially affected individual, the scope of information potentially involved includes an individual’s name, and one or more of Social Security number, driver’s license number, financial account information, date of birth, medical record number, treating/referring physician, health insurance information, subscriber number, medical history information, diagnosis/treatment information.
We take the confidentiality, privacy, and security of information in our care seriously. Upon discovery, we immediately commenced an investigation to confirm the nature and scope of the incident. We reported this incident to law enforcement, and we are taking steps to implement additional safeguards and review policies and procedures relating to data privacy and security.
AGH encourages individuals to remain vigilant against incidents of identity theft and fraud by reviewing personal account statements and monitoring free credit reports for suspicious activity and to detect errors. Individuals can review the enclosed Steps You Can Take to Help Protect Personal Information for additional details on how to take steps to protect personal information should they feel it is necessary to do so.
Whom Should Individuals Contact for More Information? If individuals have questions about this incident, please call 1-888-338-9887, Monday through Friday, from 9:00 a.m. to 9:00 p.m. Eastern Time.