In January 2024, several Ernest Health Rehabilitation Hospitals were victims of a data breach, compromising the sensitive information of numerous patients.
What happened
The data breach at Ernest Health and its affiliated hospitals occurred when an unauthorized party gained access to the company's IT network. Between January 16, 2024, and February 4, 2024, the hackers were able to infiltrate the system and access sensitive patient information.
Ernest Health promptly initiated an investigation upon discovering the breach and engaged the assistance of third-party data security specialists to assess the extent of the incident. The company also reported the breach to law enforcement authorities to aid in pursuing the perpetrators.
Going deeper
The data breach at Ernest Health has potentially affected the personal information of millions of patients. The compromised data encompasses a wide range of sensitive details, including identifiable information, medical records, and insurance data. This breach puts the affected individuals at risk of identity theft, fraudulent activities, and other privacy-related concerns.
To mitigate the impact on patients, Ernest Health has begun sending out data breach notification letters to all individuals whose information was compromised. These letters outline the specific details of the breached information and guide the necessary steps patients can take to protect themselves from potential harm.
The company filed a notice of the breach with the Attorney General of Massachusetts and has been working diligently to investigate the incident and mitigate further risks.
In addition to notifying affected individuals, Ernest Health has been in frequent communication with its impacted customers, providing support and guidance on responding to the breach. The company has placed emphasis on its commitment to cybersecurity, pledging to enhance its investments in this area to prevent future incidents and safeguard patient information.
In the know
The data breach affected several hospitals owned by Ernest Health. The following is a list of the affected facilities:
- Advanced Care Hospital of Southern New Mexico
- Denver Regional Rehabilitation Hospital
- Greenwood Regional Rehabilitation Hospital
- Lafayette Regional Rehabilitation Hospital
- Mountain Valley Regional Rehabilitation Hospital
- Northern Colorado Rehabilitation Hospital
- Northern Idaho Rehabilitation Hospital
- Northern Utah Rehabilitation Hospital
- Rehabilitation Hospital of Southern New Mexico
- Rehabilitation Hospital of the Northwest
- Summa Rehabilitation Hospital
- Trustpoint Rehabilitation Hospital of Lubbock
If you have received a data breach notification letter from Ernest Health, it is recommended that you take immediate action to protect yourself from potential fraud or identity theft. Here are some steps you can take:
- Monitor your accounts: Keep a close eye on your financial accounts, credit reports, and insurance statements for any suspicious activity. Report any unauthorized transactions or discrepancies to your bank or credit card issuer immediately.
- Freeze your credit: Consider placing a freeze on your credit to prevent unauthorized individuals from opening new accounts in your name. Contact the major credit bureaus to initiate a credit freeze.
- Enable two-factor authentication: Enhance the security of your online accounts by enabling two-factor authentication. This adds an extra layer of protection by requiring a second verification step, such as a unique code sent to your mobile device, in addition to your password.
- Be cautious of phishing attempts: Be vigilant for phishing emails or calls attempting to gather additional personal information. Avoid clicking on suspicious links or providing sensitive information over the phone unless you are confident of the request's legitimacy.
- Consider identity monitoring services: Evaluate the option of enrolling in identity monitoring services, which can help detect and alert you to any suspicious activity related to your personal information.
Farah Amod
