Posted On July 25, 2022 Consumer Privacy & Data Breaches
July 25, 2022 – Shields Health Care Group, Inc. reported a data breach after the company was targeted in a recent cybersecurity attack. As a result of the breach, the full name, Social Security number, date of birth, home address, provider information, diagnosis, billing information, insurance number and information, medical record number, patient ID, and other medical or treatment information of certain individuals was compromised. On July 25, 2022, Shields Health Care Group, Inc. sent out data breach letters to those individuals whose information was affected by the breach.
The data breach lawyers at Console & Associates, P.C. are going to begin interviewing victims of the breach to determine what damages they sustained and what legal claims may be available to them. If you recently received a NOTICE OF DATA BREACH from Shields Health Care Group, Inc., contact us at (866) 778-5500 to discuss your legal options, or submit a confidential contact form for a free case evaluation.
Below is a portion of the letter that Shields Health Care Group, Inc. sent to individuals affected by the data breach:
Shields Health Care Group, Inc. (“Shields”) recently became aware of suspicious activity on its network. Shields provides management and imaging services on behalf of the health care facilities (“Facility Partners”) listed below. With the assistance of third-party forensic specialists, we took immediate steps to contain the incident and to investigate the nature and scope of the incident. Shields is issuing this notice on behalf of itself and the Facility Partners to communicate what is known about the incident, our response, and steps impacted individuals can take, if deemed appropriate. Certain patients of these Facility Partners may be impacted.
On March 28, 2022, Shields was alerted to suspicious activity that may have involved data compromise. Shields immediately launched an investigation into this issue and worked with subject matter specialists to determine the full nature and scope of the event.
This investigation determined that an unknown actor gained access to certain Shields systems from March 7, 2022 to March 21, 2022. Furthermore, the investigation revealed that certain data was acquired by the unknown actor within that time frame. Although Shields had identified and investigated a security alert on or around March 18, 2022, data theft was not confirmed at that time.
Shields worked with specialists to perform a comprehensive review of the potentially affected data to determine what individual personal information may have been involved, and began notifying its health care facility partners on May 25, 2022. While Shields’ review is still ongoing, Shields is providing notice to individuals identified thus far as being impacted.
What Information Was Involved?
The type of information that was or may have been impacted could include one or more of the following: full name, Social Security number, date of birth, home address, provider information, diagnosis, billing information, insurance number and information, medical record number, patient ID, and other medical or treatment information.
What Are We Doing?
Shields takes the confidentiality, privacy, and security of information in our care seriously. Upon discovery, we took steps to secure our systems, including rebuilding certain systems, and conducted a thorough investigation to confirm the nature and scope of the activity and to determine who may be affected. Additionally, while we have safeguards in place to protect data in our care, we continue to review and further enhance these protections as part of our ongoing commitment to data security.
We have notified federal law enforcement, and will be reporting this incident to relevant state and federal regulators. Further, once we complete the review of the impacted data, we will directly notify impacted individuals where possible so that they may take further steps to help protect their information, should they feel it is appropriate to do so.
What Can Affected Individuals Do?
We encourage impacted individuals to review Steps You Can Take to Help Protect Your Information, which is included below.
For More Information.
We understand you may have additional questions concerning this incident. Individuals can direct questions to (855) 503-3386. The call center hours will be 8:00 am-5:30 pm Central Time, Monday through Friday, excluding major U.S. holidays.