Posted On August 4, 2022 Consumer Privacy & Data Breaches
August 4, 2022 – On July 29, 2022, Healthback Holdings, LLC reported a data breach after an unauthorized party was able to access an employee email account containing sensitive patient information. Based on an official filing from the company, the incident resulted in an unauthorized party gaining access to the following data types: patient names, health insurance information, Social Security numbers, and clinical information. After confirming that consumer data was leaked, Healthback began sending out data breach notification letters to all individuals who were impacted by the recent data security incident. Based on Healthback’s most recent estimate, the breach impacted 21,114 patients.
If you received a data breach notification, it is essential you understand what is at risk. The data breach lawyers at Console & Associates, P.C. are actively investigating the Healthback data breach on behalf of people whose information was exposed. As a part of this investigation, we are providing free consultations to anyone affected by the breach who is interested in learning more about the risks of identity theft, what they can do to protect themselves, and what their legal options may be to obtain compensation from Healthback Holdings, LLC.
According to an official notice filed by the company, on June 1, 2022, Healthback learned that an unauthorized party had gained access to an employee’s email account. In response, Healthback retained the services of a cybersecurity firm to investigate the incident. This investigation revealed that several employee email accounts were compromised and that the unauthorized party was able to access the accounts between October 15, 2021 and May 15, 2022.
Upon discovering that sensitive consumer data was accessible to an unauthorized party, Healthback Holdings then reviewed the affected email accounts, including all emails and attachments, to determine what information was compromised and which consumers were impacted. While the breached information varies depending on the individual, it may include your name, health insurance information, Social Security number, and clinical information.
On July 29, 2022, Healthback Holdings sent out data breach letters to 21,114 individuals whose information was compromised as a result of the recent data security incident.
More Information About Healthback Holdings, LLC
Healthback Holdings, LLC is a home healthcare company based in Chickasha, Oklahoma. The company arranges to have employees visit patients’ homes to provide needed services, including skilled nursing, physical therapy, advanced wound care, occupational therapy, and speech therapy. Healthback Holdings operates over 30 locations in Oklahoma and Missouri. Healthback Holdings employs more than 300 people and generates approximately $20 million in annual revenue.
At Console & Associates, P.C., our consumer privacy lawyers monitor all security and data breaches to help affected consumers pursue their legal remedies. We offer free consultations to victims of data breaches and can explain your rights in clear, understandable terms so you can make an informed decision about how to proceed with your case. If you’ve been affected by the Healthback data breach or any other data security incident, Console & Associates, P.C., will investigate your case at no charge and offer you thorough advice about how to most effectively proceed with your case. If you decide to bring a case, we only get paid if you do. If your claim is successful, any legal fees are either paid by the defendant or come out of the funds recovered from the defendant. If your claim doesn’t result in a recovery, you will pay nothing.
Below is a copy of the initial data breach letter issued by Healthback Holdings, LLC:
Healthback Holdings, LLC (“Healthback”) is committed to protecting the confidentiality and security of our patients’ information. This notice is to inform our patients of a recent email phishing incident that may have involved some of that information.
On June 1, 2022, Healthback became aware of unauthorized access within our employee email environment. With the assistance of a cybersecurity firm, we determined that an unauthorized person gained access to a limited number of employee email accounts between October 5, 2021 and May 15, 2022. Because the investigation was unable to determine which emails, if any, were viewed by the unauthorized person, we conducted a comprehensive review of all emails and attachments in the email accounts. We determined that patient information, including names, health insurance information, Social Security numbers, and clinical information, was contained within these email accounts.
On July 29, 2022, Healthback mailed letters to affected patients and opened a dedicated, toll- free call center to answer questions about the incident. We are recommending patients review their healthcare statements for accuracy and report any services not received to their provider or insurer. We are also offering complimentary credit monitoring and identity theft protection services to those who are eligible. If you believe you are affected by this incident, and do not receive a letter by August 29, 2022, please call 1-844-548-0230, Monday through Friday, between 7:00 a.m. and 7:00 p.m. Central Time.
Healthback takes patient privacy and confidentiality very seriously. To help prevent something like this from happening again, we strengthened our email security protocols and provided additional training to our employees on how to detect and avoid phishing emails.