Posted On June 15, 2022 Consumer Privacy & Data Breaches
June 15, 2022 – Central Florida Inpatient Medicine reported a data breach after the company was targeted in a recent cybersecurity attack. As a result of the breach, the names, dates of birth, medical information including diagnosis and/or clinical treatment information, physician and/or hospital name, dates of service, and health insurance information. In a limited number of cases, they write, Social Security numbers, driver’s license numbers, financial account information, and usernames and passwords of certain individuals were compromised. The Central Florida Inpatient Medicine data breach is believed to have impacted as many as 197,733 individuals. Central Florida Inpatient Medicine has started sending out data breach letters to those individuals whose information was affected by the breach.
The data breach lawyers at Console & Associates, P.C. are going to begin interviewing victims of the breach to determine what damages they sustained and what legal claims may be available to them. If you recently received a NOTICE OF DATA BREACH from Central Florida Inpatient Medicine, contact us at (866) 778-5500 to discuss your legal options, or submit a confidential contact form for a free case evaluation.
Below is a portion of the notification that Central Florida Inpatient Medicine has posted on their website:
Central Florida Inpatient Medicine (“CFIM”) is committed to maintaining the privacy and security of the information that it maintains. CFIM recently notified individuals of a data security incident involving access to a CFIM employee email account by an unauthorized party.
Upon learning of this issue, CFIM secured the account and commenced a prompt and thorough investigation. As part of its investigation, CFIM engaged external cybersecurity professionals experienced in handling these types of incidents. The investigation worked to identify what personal information, if any, might have been contained in the affected email account. After an extensive forensic investigation and comprehensive and time-consuming manual document review, CFIM discovered on May 5, 2022 that the email account accessed between August 21, 2021 and September 17, 2021 contained identifiable personal and/or protected health information. CFIM has no evidence to suggest that any information has been misused.
However, out of an abundance of caution, CFIM provided written notification to anyone whose information may have been contained in the accessed account. The accessed email account contained the personal and protected health information of certain individuals, including their names, dates of birth, medical information including diagnosis and/or clinical treatment information, physician and/or hospital name, dates of service, and health insurance information. In a limited number of cases, Social Security numbers, driver’s license numbers, financial account information, and usernames and passwords were also impacted.
This incident does not affect all clients of CFIM and not all information was included for all individuals. CFIM is sending notification letters to each affected individual for whom we have enough information to determine a physical address. Notified individuals have been provided with best practices to protect their information and have been reminded to remain vigilant in reviewing financial account statements on a regular basis for any fraudulent activity. It has also been recommended that affected individuals review the explanation of benefits statements that they receive from their health insurance providers and follow up on any items not recognized. For the limited number of individuals whose Social Security numbers were contained in the impacted account have been offered complimentary credit monitoring. Additional safeguards are provided below under “Other Important Information”.
Since the date of this incident, CFIM has taken measures to improve its technical safeguards in order to minimize the risk of a similar incident in the future, including implementing additional technical safeguards on its email system, implementing multifactor authentication, and providing additional training to employees to increase awareness of the risks of malicious emails.
For further questions or additional information regarding this incident, or to determine if you may be impacted, CFIM has set up a dedicated toll-free response line for individuals to ask questions. The response line can be contacted at (855) 503-3415 and is available Monday through Friday, 8:00 a.m. to 5:30 p.m. Central Time, excluding major U.S. holidays.