Summit Reinsurance Services, Inc., recently suffered data breach when it became aware of a ransomware attack on its server. Patient PHI was present was involved in the incident. Facility immediately conducted Investigation. It mentioned that an unauthorized user accessed the server during March 13, 2016.
Affected information included Social Security numbers, health insurance information, provider names, and claim-focused medical records containing diagnoses and clinical information.
Facility didn’t mention the number of affected patients. Also, there is no information or evidence of any misuse of information. It is providing information about ways of protecting against identity theft and fraud. One year of free credit monitoring and identity restoration is provided.
As per the statement:
- Facility is asking patients to remain vigilant against incidents of identity theft and fraud. Review of account statements should be done. Also, credit reports and explanation of benefits forms should be monitored for suspicious activity.
- Three major credit bureaus can be reached directly to request a free copy of credit report.
- Fraud alerts can be placed on the files that will alert affected patients before granting credit. But it will delay ability to obtain credit while the agency verifies identity.
- Security freeze on credit reports can be placed. Once this is activated, credit bureau can’t release consumer’s credit report without the consumer’s written authorization. This facility will affect customers request for new loans, credit mortgages, employment, housing, or other services.
“In order to request a security freeze, you will need to supply your full name, address, date of birth, Social Security number, current address, all addresses for up to five previous years, email address, a copy of your state identification card or driver’s license, and a copy of a utility bill, bank or insurance statement, or other statement proving residence.”
Alertsec’s cloud-based information security service provides an easy and convenient way to protect information on your organization’s laptops and computers.