Posted On April 24, 2023 Consumer Privacy & Data Breaches
April 24 – One Brooklyn Health (OBH) reported a data breach to the Montana Attorney General on April 20, 2023, after a hacker compromised the privacy of some of its patients’ medical records. According to the company’s official filing, the incident led to the disclosure of consumers’ names, dates of birth, driver’s license numbers, state ID numbers, Social Security numbers, medical treatment information, health insurance information, prescription information, and financial account information. OBH began delivering data breach notification letters to all persons affected by the incident once it was confirmed that patient and employee data was compromised.
Console & Associates, P.C.’s data breach lawyers are currently investigating the One Brooklyn Health data breach. If you have received a breach notice and are wondering about the risks of identity theft and what you can do to protect yourself, we are offering free consultations where we can go through your legal possibilities for getting compensation from One Brooklyn Health.
One Brooklyn Health is a healthcare provider headquartered in Brooklyn, New York. Its three largest facilities in the borough are the Interfaith Medical Center, Brookdale Hospital Medical Center, and the Kingsbrook Jewish Medical Center. Several hospitals and clinics are also under the company’s care. Over 3,000 individuals are employed by One Brooklyn Health, and the organization as a whole brings in around $942 million per year.
On November 19, 2022, OBH reported to the Attorney General of Montana that the firm had been the target of a cyberattack after its computer system encountered a momentary outage. In light of this development, OBH shut down its systems and has since been consulting with independent cybersecurity experts to determine the scope of the breach and the types of customer information that may have been compromised.
According to OBH’s investigation, between July 9, 2022, and November 19, 2022, a third party gained access to the company’s system and accessed data. It was subsequently discovered that sensitive data was stored in several of the files accessed by the attacker.
One Brooklyn Health immediately started reviewing the affected files after learning that sensitive consumer data had been made accessible to an unauthorized person. Information such as names, dates of birth, driver’s license numbers, state ID numbers, Social Security numbers, medical records, health insurance information, prescription records, and bank account information may have been compromised.
Data breach letters were sent out by One Brooklyn Health on April 20, 2023, to everyone whose personal information was exposed in the cyberattack.
The consumer privacy lawyers at Console & Associates, P.C. help customers affected by data and security breaches pursue legal solutions by offering free consultations. By explaining your rights in clear, concise terms, we help you make an informed decision about your next steps. If you are a victim of the Shields Health Care Group, Inc. data breach, Console & Associates, P.C. will investigate at no charge to you and offer advice on how to proceed. If you decide to pursue a case, rest assured that we don’t get paid unless you do. If your claim is successful, legal fees are either paid out of the funds recovered or by the defendant. If your claim is not successful, you pay nothing.
Below is a portion of the notice posted on their website:
One Brooklyn Health (“OBH”) experienced a cybersecurity incident in November 2022 that may affect the privacy of certain individuals’ personal information or protected health information (“PHI”). Those potentially affected include OBH employees and their spouses, dependents, and beneficiaries, and certain patients to whom OBH provides or provided healthcare services through its three hospital campuses, Brookdale Hospital Medical Center, Interfaith Medical Center, and Kingsbrook Jewish Medical Center, and its nursing homes and health clinics.
What Happened? On November 19, 2022, OBH experienced a cybersecurity incident that affected its computer systems and caused a temporary disruption to certain facility operations. OBH proactively took its systems offline and worked with external specialists to commence an investigation into the nature and scope of the incident. Through the investigation, OBH learned that an unauthorized actor acquired a limited amount of OBH data during a period of intermittent unauthorized access to OBH’s computer systems between July 9, 2022, and November 19, 2022. A thorough review of the contents of the affected data was subsequently performed to determine whether it contained any sensitive information and to identify affected individuals. On March 21, 2023, OBH concluded the review and determined that personal and medical information relating to individuals was in the affected files.
What Information Was Involved? Though it varies by individual, the types of personal and/or medical information that may have been accessed or acquired by the unauthorized actor included: names, Social Security numbers, driver’s license or state identification numbers, dates of birth, financial account information, medical treatment information, prescription information, medical diagnosis or condition information, and health insurance information. At this time, OBH is unaware of any or actual or attempted misuse of the affected information as a result of this incident.
What OBH Is Doing. OBH prioritizes its responsibility to safeguard the information it collects in providing services. As such, OBH responded promptly to this incident and has worked diligently to provide accurate and complete notice of the incident as soon as possible. In addition, OBH notified law enforcement and regulatory agencies of the incident and continues to cooperate with the authorities’ independent investigation efforts. As part of its ongoing commitment to the privacy and security of information, OBH is reviewing its existing policies and training protocols related to data protection. Further, OBH implemented enhanced security measures and additional monitoring tools to reduce any risk associated with this incident and to better prevent similar incidents in the future. OBH has communicated with law enforcement and with healthcare authorities regarding this incident.
What You Can Do. OBH sincerely regrets any inconvenience this incident may have caused. Although OBH is unaware of misuse of any information affected by this incident, in accordance with best practices, OBH encourages individuals to remain vigilant against incidents of identity theft and fraud by reviewing account statements, explanation of benefits, and free credit reports for unexpected activity or errors over the next 12 to 24 months. Any questionable activity detected should be reported to the associated insurance company, health care provider, or financial institution immediately.
For More Information. Individuals seeking additional information regarding this incident can call OBH’s dedicated, tollfree number at 1-833-570-3025, between 8:00 am and 8:00 pm Monday through Friday Eastern time. You may also reach us directly at: firstname.lastname@example.org. When writing to us, please provide a call back number. OBH deeply regrets any concerns this incident may cause patients and staff. OBH takes this matter very seriously and will continue to take steps to enhance the security of systems and information OBH maintains to help prevent something like this from happening again.