Posted On May 1, 2023 Consumer Privacy & Data Breaches
May 1 – After discovering on April 28, 2023 that a security breach had compromised the privacy of some of the company’s consumer information, NextGen Healthcare, Inc. (NextGen) notified the Montana Attorney General of the breach. A third party gained access to the personal information of some of the firm’s consumers, including their names, Social Security numbers, mailing addresses, and birth dates, according to an official filing by the company. NextGen began distributing data breach notification letters to all persons affected by the recent data security issue once it was confirmed that customer data was compromised.
Console & Associates, P.C.’s data breach lawyers are now investigating the data breach at NextGen Healthcare, Inc. Please contact us for a free consultation if you have received a breach notice from NextGen and want to learn more about the dangers of identity theft and what you can do to protect yourself, and if you are able to pursue a lawsuit against NextGen for financial compensation.
NextGen Healthcare, Inc., headquartered in Atlanta, Georgia, is a software and services firm that helps ambulatory medical providers with things like patient experience, analytics & reporting, revenue cycle management, practice management, data platforms, and value-based care. NextGen Healthcare began operations in 1974, and today it employs over 2,800 employees and has annual sales of over $625 million.
NextGen was alerted to potential security breaches in its network on March 30, 2023, per a document filed with the Montana Attorney General. NextGen quickly responded by tightening security across the board and engaging outside cybersecurity experts to help determine the scope of the breach and whether or not customer information was compromised.
According to NextGen’s probe, a hacker gained access to the company’s network sometime between March 29, 2023 and April 14, 2023. It was later learned that sensitive customer data was stored in several of the files accessed by the intruder.
NextGen Healthcare immediately launched an examination of the affected files after learning that sensitive customer data had been made available to an unauthorized person. Information such as names, Social Security numbers, addresses, and dates of birth may have been compromised; however, the specifics vary from person to person.
NextGen Healthcare notified all affected parties of the data breach through letters dated April 28, 2023.
If NextGen Healthcare, Inc. notifies you of a data breach, it means that your sensitive information, such as name, SSN, and address, may have fallen into the wrong hands. Hackers can utilize this sensitive data in a variety of malicious ways. Identity theft and fraud sometimes include the use of stolen Social Security numbers. A criminal trying to acquire such details may find them for sale on the dark web. When hackers obtain even the most basic information about you, they have a wider window of opportunity to perpetrate crimes against you. As a victim, you need to know your rights and what you can do to protect yourself.
The consumer privacy lawyers at Console & Associates, P.C. help customers affected by data and security breaches pursue legal solutions by offering free consultations. By explaining your rights in clear, concise terms, we help you make an informed decision about your next steps. If you are a victim of the NextGen Healthcare, Inc. data breach, Console & Associates, P.C. will investigate at no charge to you and offer advice on how to proceed. If you decide to pursue a case, rest assured that we don’t get paid unless you do. If your claim is successful, legal fees are either paid out of the funds recovered or by the defendant. If your claim is not successful, you pay nothing.
Below is a portion of the letter sent to affected individuals:
We are writing to let you know about a security incident involving certain of your personal information. This notice explains what happened, what information may have been affected, what measures we are taking in response, and steps you can take to protect yourself. Who We Are NextGen Healthcare, Inc. provides electronic health records and practice management solutions to doctors and medical professionals. In support of the services we provide to your medical professionals, we maintain certain of your personal information on their behalf.
What Happened. On March 30, 2023, we were alerted to suspicious activity on our NextGen Office system. In response, we launched an investigation with the help of third-party forensic experts. We also took measures to contain the incident, including resetting passwords, and contacted law enforcement . Based on our in-depth investigation to date, supported by our external experts, it appears that an unknown third-party gained unauthorized access to a limited set of electronically stored personal information between March 29, 2023 and April 14, 2023. As a result of our detailed analysis of the information impacted, we recently determined that certain of your personal information was included in the electronic data accessed during the incident. Below we have provided information about what information was involved, what we are doing in response, and what you can do to proactively protect yourself.
What Information Was Involved. The personal information contained in the electronic data accessed during the incident included your name, date of birth, address, and social security number. Importantly, our investigation has revealed no evidence of any access or impact to any of your health or medical records or any health or medical data. Furthermore, there is no evidence to suggest there has been any fraudulent use of the personal information accessed.
What We Are Doing. As noted, as soon as we discovered the suspicious activity, we launched an internal investigation and engaged the assistance of leading forensic experts. At the same time, we took measures to contain the incident, including resetting passwords, and further reinforcing the security of our systems. We also contacted law enforcement, and have been working with them since. We take this matter very seriously, and in addition to the steps already described, NextGen Healthcare is offering you 24 months of free fraud detection and identity theft protection through Experian’s® IdentityWorks℠ product. If you wish to take advantage of these services, activation instructions are below.
What You Can Do. Though we have no evidence that any of your personal information has been fraudulently used, we encourage you to remain vigilant by reviewing your account statements and credit reports closely. At the end of this letter, we have provided you with additional information regarding steps you can proactively take to further protect yourself and your personal information. It describes information about (1) reporting suspicious activity or suspected identity theft, (2) credit reports, (3) fraud alerts, (4) credit/security freezes, (5) your rights under the Fair Credit Reporting Act, and (6) information about taxes. We encourage you to review that additional information.
For More Information. We take very seriously the security and privacy of your information, and deeply regret any inconvenience this may cause. If you have any questions, please call us 800-984-8279toll-free Monday through Friday from 8 am – 10 pm Central, or Saturday and Sunday from 10 am – 7 pm Central (excluding major U.S. holidays). Please be prepared to provide your engagement number [Redacted].