Atrium Health Data Breach Exposes Untold Number of Patients to Identity Theft. Featured
Atrium Health silent on number of patient identities compromised after April 2024 email phishing attack.
A class action lawsuit investigation was launched after Atrium Health announced on September 13th 2024, that it was a victim of an April 2024 email phishing attack that may have compromised the identities of many of its’ patients.
What Happened?
On September 13th 2024, Atrium Health announced on its’ website that it had experienced a data breach in which the sensitive personal identifiable information and protected health information in its systems may have been accessed. According to the breach notice, on April 29, 2024, Atrium Health became aware of suspicious activity within its email environment. As a result, Atrium Health launched an investigation to determine the nature of the incident.
Through its investigation, Atrium Health learned that sensitive personal information in its systems may have been compromised by an unauthorized third-party via an email phishing attack between April 29 and April 30, 2024. As a result, Atrium Health began a review of the data to determine what information had been impacted as well as identify the specific individuals affected.
What Information Was Stolen?
On July 17, 2024, Atrium Health completed this review. While the information impacted varies depending on the individual, the type of information potentially exposed includes:
- Name
- Social Security number
- Address
- Date of birth
- Contact information (e.g., email address, phone number)
- Driver’s license or state issued identification number
- Government or employer identifiers
- Financial information (e.g., account number, routing numbers, financial institution name, security code/PIN and/or expiration date)
- Medical information (e.g., treatment/diagnosis, prescription, patient identification number)
- Health insurance and/or treatment cost information (e.g., health insurance account or policy number(s), incidental health references, billing identification numbers, access credentials, digital signature)
As a result of the data breach, Atrium Health posted a notice of the incident on its website on September 13 2024. Additionally, Atrium Health plans to mail data breach notification letters to impacted individuals. Based on the breach notice on its website, Atrium Health is providing affected individuals with a list of the specific type of sensitive information impacted and complimentary identity monitoring services.
What is Atrium Health Doing To Protect My Identity?
Atrium Health said it would continue to strengthen its security controls and provide phishing training to its employees. According to the data breach notice, Atrium is offering affected individuals an unspecified period of complimentary credit monitoring and identity theft protection.
What Can Hackers Do With My Information?
Stolen PII and PHI can be used to commit identity theft, open new credit accounts, make unauthorized purchases or obtain loans. Cybercriminals have recently targeted America’s essential industries and in so doing have forced millions of Americans to face the fallout from these attacks.
Leaked or stolen data can be sold on the dark web forums and may be used for fraud and medical identity theft, a type of fraud, where threat actors use stolen information to submit forged claims to insurers.
Clients affected by the breach are exposed to a heightened and imminent risk of fraud and identity theft. They must now and in the future closely monitor their financial accounts to guard against identity theft and fraud.
If you receive a data breach notification from Atrium Health it is essential you understand what is at risk and what you can do about it. A data breach lawyer can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft, as well as discuss your legal options at no cost to you. For more information, please review these recommendations.
Protect Your Identity. Join the Atrium Health Data Breach Class Action.
The lawsuit alleges that Atrium Health breached its duties under common law and the Federal Trade Commission Act to implement reasonable security measures, comply with industry standards and federal data-security regulations, encrypt sensitive data, and provide adequate and timely notice of the breach.
If you receive a notification letter from Atrium Health, you are at permanent risk of identity theft and the devastating financial and legal consequences that go along with it.
You may be eligible to participate in a class action lawsuit to recover compensation for loss of privacy, time spent dealing with the breach, out-of-pocket costs, and more.
The lawsuit looks to cover anyone in the USA whose private information was compromised by the breach announced by Atrium Health on September 13, 2024.
Please complete the below form shown on this page and a data breach attorney will contact you. There is no cost to you.