Posted On July 20, 2022 Consumer Privacy & Data Breaches
July 20, 2022 – Allied Urological Services, LLC reported a data breach after the company was targeted in a recent cybersecurity attack. As a result of the breach, the name, address, financial account number or credit/debit card number (in combination with security code, access code, password or PIN for the account) of certain individuals was compromised. The Allied Urological Services data breach is believed to have impacted as many as 52,981 individuals. On July 12, 2022, Allied Urological Services sent out data breach letters to those individuals whose information was affected by the breach.
The data breach lawyers at Console & Associates, P.C. are going to begin interviewing victims of the breach to determine what damages they sustained and what legal claims may be available to them. If you recently received a NOTICE OF DATA BREACH from Allied Urological Services, LLC, contact us at (866) 778-5500 to discuss your legal options, or submit a confidential contact form for a free case evaluation.
Below is a portion of the letter that Allied Urological Services sent to individuals affected by the data breach:
Dear Redacted,
Allied Urological Services, LLC (“Allied Urological”) provides services related to lithotripsy and urological care on behalf of numerous health care providers, including hospitals and doctors’ offices. We write to advise you that we experienced a data security incident (the “Incident”). We are writing to let you know how this Incident may have affected your personal information (“Information”) and, as a precaution, to provide steps you can take to help protect your Information. We are unaware of any misuse of the Information, but we are contacting you to share what we know about the Incident.
What Happened?
On January 3, 2022, we identified suspicious activity in an employee’s email account (“Employee Account”) used for scheduling patient appointments. Upon learning of this, we immediately changed the Employee Account’s password, began an investigation, and took further steps to contain and remediate the situation, including a detailed examination of the contents of the email account.
Our investigation identified unauthorized access to the Employee Account between September 26, 2021, and January 3, 2022, and that the possibility exists that the contents of the Employee Account were synced to the system of an unauthorized actor. However, the investigation could not confirm or rule out this possibility.
On May 13, 2022, our investigation revealed that some of your Information was present in the email account at the time of the Incident. There is no evidence that the unauthorized actor sought to view, access, or otherwise acquire your Information. We are not aware of any fraud or misuse related to your Information. However, because your Information could have been accessed by an unauthorized actor, Allied Urological is providing this notice [Redacted].
Why Does Allied Urological Have My Personal Information?
Allied Urological provides services related to lithotripsy and urological care on behalf of numerous health care providers, including hospitals and doctors’ offices. We may have your Information because of the services we provide to [Redacted].
What Information Was Involved?
We have no evidence the unauthorized actor specifically viewed, accessed, or misused your Information. Our investigation revealed that your name and/or address, in addition to the following Information may have been involved in the account: [Redacted].
What We Are Doing.
We continue to implement appropriate measures to further improve the security of our systems and practices, including implementing additional software protections and retraining personnel. We are working with a leading cybersecurity firm to aid in our investigation and response and will report this Incident to relevant state and federal authorities. Additionally, to help prevent a similar type of incident from occurring in the future, we implemented additional security protocols designed to protect our network, email environment, systems, and personal information.
What You Can Do.
It is always recommended that you regularly and vigilantly review account statements and report any suspicious activity to financial institutions. Please also review the enclosed “Additional Resources” section included with this letter, which describes additional steps you can take to help protect your Information.
To help protect your identity, we are offering a complimentary twelve (12) month membership of Experian’s® IdentityWorksSM. This product provides you with superior identity detection and resolution of identity theft. To activate your membership and start monitoring your personal information please follow the steps below:
Make certain that you enroll by: [Redacted] (Your code will not work after this date.)
Visit the Experian IdentityWorks website to enroll: [Redacted]
Provide your activation code [Redacted]
If you have questions about the product, need assistance with identity restoration or would like an alternative to enrolling in Experian IdentityWorks online, please contact Experian’s customer care team at (877) 288-8057 by [Redacted]. Be prepared to provide engagement number [Redacted] as proof of eligibility for the identity restoration services by Experian.
For More Information.
If you have any questions please call (855) 516-3853, Monday through Friday, 8:00 a.m. to 5:30 p.m. Central Time, excluding major U.S. holidays.
