Posted On April 25, 2023 Consumer Privacy & Data Breaches
April 25 – Robeson Health Care Corporation notified the Maine Attorney General of a data breach on April 21, 2023, after discovering that sensitive patient information had been obtained by unknown users due to a malware attack. According to the company’s official report, the breach exposed consumers’ names, Social Security numbers, birth dates, residences, and protected health information. After it was determined that customer information had been compromised, RHCC immediately started notifying the more than 15,045 individuals whose information had been compromised by letter.
You should know what’s at stake if a data breach notice has been sent to you. Console & Associates, P.C.’s data breach lawyers are now looking into the Robeson Health Care Corporation data breach. As part of our inquiry, we are offering free consultations to anyone whose personal information was compromised as a result of this leak and who is interested in learning more about the risks of identity theft, what they can do to protect themselves, and possible legal options for seeking compensation from RHCC.
Robeson Health Care Corporation is a healthcare network headquartered in Pembroke, North Carolina, serving the surrounding areas of Robeson County, Scotland County, Columbus County, and Montgomery County by operating seven health clinics across those counties. Outreach is another important part of what RHCC does in the communities it serves. Robeson has about 234 employees and an annual revenue of over $32 million.
RHCC discovered a malware infection on its computer system on February 21, 2023, as stated in a document filed with the Attorney General of Maine. In response, RHCC severed its connection to the internet and started collaborating with outside forensic experts to determine what had happened.
After looking into what happened, RHCC discovered that someone had hacked into its networks between February 17 and 23, 2023. RHCC later realized on March 31, 2023, that some of the files the intruder had access to included private patient data.
Robeson started reviewing the hacked files to ascertain what information was exposed and who was affected after learning that sensitive customer data had been made accessible to an unauthorized person. Your name, Social Security number, date of birth, and address may have been compromised, along with your protected health information, such as your medical record number, patient identification number, treatment information, prescription information, physicians, health insurance information, treatment costs, and Medicaid/Medicare numbers.
Robeson notified all customers whose personal information was stolen in the incident via letter on April 21, 2023.
Robeson Health Care Corporation’s data breach revealed an enormous amount of sensitive information that hackers might use for various malicious purposes. They may use this information for their own criminal purposes, or they can sell it to others on the dark web.
With the massive amount of data stolen in the Robeson Health Care Corporation data breach, hackers may commit various crimes. They can do any number of criminal acts, or profit from doing so by selling this information to others on the dark web.
Identity theft is not limited to monetary transactions, and hackers may exploit your data for other purposes as well. Identity theft in the medical field is possible as well. If they get access to all of your protected health information, they may get medical treatment in your name and rack up huge bills for it. Your medical records might be at risk of being inaccurate if they include false information about your medical history or the drugs you use.
The consumer privacy lawyers at Console & Associates, P.C. help customers affected by data and security breaches pursue legal solutions by offering free consultations. By explaining your rights in clear, concise terms, we help you make an informed decision about your next steps. If you are a victim of the Robeson Health Care Corporation data breach, Console & Associates, P.C. will investigate at no charge to you and offer advice on how to proceed. If you decide to pursue a case, rest assured that we don’t get paid unless you do. If your claim is successful, legal fees are either paid out of the funds recovered or by the defendant. If your claim is not successful, you pay nothing.
To schedule your free consultation, just call (866) 778-5500 today or fill out our secure contact form.
Below is a portion of the letter sent to affected individuals:
Dear [Redacted],
At Robeson Health Care Corporation (“RHCC”), we take the privacy and security of patient information seriously. We are therefore notifying you of a data security event. Please read this letter carefully.
What Happened? On February 21, 2023, RHCC became aware that our computer network was affected by malware. We disconnected our network from the internet and partnered with computer forensic specialists to restore our systems safely and understand the nature and scope of the event. We commenced a thorough investigation which determined an unauthorized third-party gained access to our systems between February 17 and February 21, 2023. RHCC has no indication that our electronic medical records (EMR) data bases were accessed without authorization. However, based on available evidence, we concluded on March 31, 2023, that your sensitive personal information could have been viewed or taken during the period of unauthorized access. We are notifying you accordingly, and out of an abundance of caution.
What Information Was Involved? The information potentially accessible on our network could have included your name, address, Social Security number, date of birth, treatment information/diagnosis, treating physician, medical record number (MRN), patient ID number, Medicare/Medicaid number, prescription information, health insurance information, and treatment costs. We stress that to date, we have received no reports or evidence to suggest fraud or identity theft occurred as a result of this event.
What We Are Doing. Upon discovery of the suspicious activity, we disconnected our network from the internet and partnered with computer forensics specialists to restore our systems safely. We conducted a thorough investigation to understand the nature and scope of the event. We reset passwords and enabled multi-factor authentication for all users. We continue to review the policies and procedures in place prior to the event, to identify ways to strengthen our security going forward. As an added precaution to help protect your identity, we are offering complimentary access to Experian IdentityWorksSM for twelve (12) months.
What You Can Do. We encourage you remain vigilant for instances of fraud or identity theft, from any source. You should monitor your account statements, credit reports, and explanations of benefits (EOBs) and report any suspicious activity to your financial institution or the appropriate service provider. You may also file a report with law enforcement, your state attorney general, and/or the Federal Trade Commission. Please refer to the enclosed documentation titled “Additional Steps to Help Protect Your Information” for more information and recommended steps you can take in response to this event, should you find it appropriate to do so.
Other Important Information. RHCC is committed to protecting the information that is entrusted in our care. We are very sorry for any concern or inconvenience caused by this event.
For More Information. If you have further questions in regard to this matter, please contact our dedicated response line at 1-833- 796-8636, Monday to Friday 9:00 AM to 11:00 PM (Eastern) and Saturday & Sunday 11:00 AM to 8:00 PM (Eastern), for further information and assistance.
