Posted On June 22, 2022 Consumer Privacy & Data Breaches
June 22, 2022 – In recent data breach news, Alliance Physical Therapy Group, LLC (“APTG”) confirmed that a previously announced data breach impacted a far greater number of people than initially believed. When APTG first reported the breach, the company believed 14,970 individuals were affected. However, based on a June 21, 2022 filing, APTG now reports that 26,851 people were affected in the State of Texas alone. It remains to be seen how many people were impacted nationwide. Alliance Physical Therapy Group also updated the types of data compromised in the breach to include affected parties’ names, Social Security numbers, driver’s license numbers, bank account and credit card numbers, medical information, usernames and passwords, passport numbers, and electronic signatures, among others.
If you received a data breach notification, it is essential you understand what is at risk. The data breach lawyers at Console & Associates, P.C. are actively investigating the APTG data breach on behalf of people whose information was exposed. As a part of this investigation, we are providing free consultations to anyone affected by the breach who is interested in learning more about the risks of identity theft, what they can do to protect themselves, and what their legal options may be to obtain compensation from Alliance Physical Therapy Group, LLC.
According to an official notice filed by the company, on around December 27, 2021, Alliance Physical Therapy Group detected suspicious activity on its IT systems. After making this discovery, APTG worked with third-party cybersecurity experts to investigate the incident.
On January 7, 2022, the company’s investigation confirmed that certain personal information stored on the company’s computers was accessible to an unauthorized party between December 23, 2021 and December 27, 2021.
In response, APTG then manually reviewed all data contained on the compromised files to determine which data was impacted and who it belonged to. While this process was underway, APTG provided initial notice of the breach on February 23, 2022.
However, following the release of the initial data breach letters, Alliance Physical Therapy Group continued its review of the data. This process was completed on April 19, 2022 and confirmed that more people were impacted than the company initially believed and that a greater array of data was accessible to the unauthorized party. While the breached information varies depending on the individual, it may include your name, Social Security number, driver’s license number, financial account information, payment card information, medical information, health insurance information, username and password, passport number, employer identification number, and electronic signature.
On June 21, 2022, Alliance Physical Therapy provided an updated notice of the incident and sent out data breach letters to all individuals whose information was compromised.
Alliance Physical Therapy Group, LLC, which is also known by the name Alliance Physical Therapy Partners, is a physical therapy provider based out of Grand Rapids, Michigan. Alliance Physical Therapy Group is also affiliated with Arrow Physical Therapy & Rehabilitation (formerly known as Accelerated Physical Therapy) and Armor Physical Therapy (formerly known as Agility Health Physical Therapy). APTG is the seventh-largest physical therapy provider in the United States, with more than 100 outpatient locations nationwide, including in California, Texas, Arizona, New Mexico, Louisiana, Missouri, North Carolina, Pennsylvania, Michigan, New Jersey, and Maine, and Wisconsin.
At Console & Associates, P.C., our consumer privacy lawyers monitor all security and data breaches to help affected consumers pursue their legal remedies. We offer free consultations to victims of data breaches and can explain your rights in clear, understandable terms so you can make an informed decision about how to proceed with your case. If you’ve been affected by the APTG data breach or any other data security incident, Console & Associates, P.C., will investigate your case at no charge and offer you thorough advice about how to most effectively proceed with your case. If you decide to bring a case, we only get paid if you do. If your claim is successful, any legal fees are either paid by the defendant or come out of the funds recovered from the defendant. If your claim doesn’t result in a recovery, you will pay nothing.
Below is a copy of the initial data breach letter issued by Alliance Physical Therapy Group, LLC (the actual notice sent to consumers can be found here):
Alliance Physical Therapy Group, LLC (“APTG”), which was formerly known as Agility Health, is providing notice of a recent incident. APTG is also affiliated with Arrow Physical Therapy & Rehabilitation, formerly known as Accelerated Physical Therapy, and Armor Physical Therapy, formerly known as Agility Health Physical Therapy. This notice provides information about the incident, APTG’s response, and resources available to help individuals protect their information from possible misuse, should they feel it necessary to do so.
What Happened? On or around December 27, 2021, APTG became aware of suspicious activity affecting certain systems within its network. APTG immediately launched an investigation, with the assistance of third-party specialists, to confirm the full nature and scope of the activity and restore functionality to the affected systems. On January 7, 2022, it was determined that certain personal information on APTG systems may have been accessed without authorization between December 23, 2021 and December 27, 2021. On February 7, 2022, APTG engaged the assistance of third-party specialists to undertake a programmatic and manual review of the potentially accessible information. On April 19, 2022, this review concluded, and it was determined that the accessible information included personal information. Thereafter, APTG performed an internal review of its records for address information in order to notify potentially affected individuals and recently concluded that effort.
What Information Was Involved? The information which was present on APTG systems and may have been accessible includes some combination of certain individuals’ names and the following information: Social Security number, driver’s license number, financial account information, payment card information, medical information, health insurance information, username and password, passport number, employer identification number, and electronic signature.
What We Are Doing. APTG takes the security of information entrusted to it seriously. As part of APTG’s ongoing commitment to the security of information within its care, APTG is reviewing its existing policies and procedures regarding cybersecurity and implementing additional measures and safeguards to protect against this type of incident in the future.
While APTG is not aware of any actual or attempted misuse of personal information as a result of this incident, APTG is also offering access to complimentary credit monitoring and identity restoration services through Equifax to individuals whose personal information was potentially accessible in APTG systems at the time of the incident. If you did not receive written notice of this incident but believe you may be affected, please contact APTG’s call center at (855) 960-3503, Monday through Friday, during the hours of 9:00 a.m. – 9:00 p.m. Eastern Time (excluding major holidays). The call center will verify whether you are eligible for services.
What You Can Do. Individuals can find out more about how to protect themselves generally against the potential misuse of information by reviewing the guidance below entitled Steps You Can Take to Protect Personal Information. The guidance provides additional information regarding fraud alerts and security freezes, as well as contact information for the nationwide consumer reporting agencies.
For More Information. If you have questions about this incident that are not addressed in this notice, please call APTG’s call center at (855) 960-3503, Monday through Friday, during the hours of 9:00 a.m. – 9:00 p.m. Eastern Time (excluding major holidays).