Continuum Health Alliance Data Breach Puts 377k Consensus Medical Group Patients at Risk of Identity Theft Featured
Continuum’s failure to implement industry standard network security enabled hackers to steal identities of 377,119 patients.
A class action lawsuit was filed in the wake of Continuum Health Alliance’s (“Continuum“) recent announcement that it experienced a data breach in October 2023 that exposed the data of 377,119 patients of its client, Consensus Medical Group, a physician-owned medical group in Evsham, NJ.
The lawsuit alleges that the Data Breach was made possible due to Continuum’s failure to implement industry standard security measures as mandated by state and federal laws. The negligence being only more egregious given that Continuum knew or should have known that the U.S. healthcare industry is under constant attack by threat actors intent on stealing and monetizing personal identities.
What Happened?
According to the Notice of Data Event filed on the Attorney General of Maine’s website, on October 19, 2023, Continuum discovered suspicious activity within its network. It immediately took steps to secure its systems and initiated an investigation into the nature and scope of the event with the assistance of third-party industry specialists.
The investigation determined that an unauthorized actor gained access to certain systems in Continuum’s network between October 18, 2023 and October 19, 2023, and accessed or acquired certain files stored on those systems during this time. It identified the affected files and conducted a review of the files in order to identify the type of information contained therein, and to whom the information relates.
On March 8, 2024, this review was completed, and it confirmed the extent of information involved. Since
this time, Continuum has worked to verify the information and locate missing addresses in order to provide accurate notices to those affected by the breach.
What Information Was Stolen?
According to the Notice of Data Breach mailed to affected individuals, the review determined that the following information was present in the files accessed and acquired by the unauthorized actor –
- name,
- Social Security number,
- date of birth,
- health insurance information,
- medical information, and
- phone number
What is Continuum Doing To Protect My Identity?
Continuum’s claims that it “took steps to secure” its system and that it has “implemented additional security measures to further protect against similar incidents moving forward” but did not elaborate as to what those measures are.
The affected individuals have been offered complimentary credit monitoring and identity theft protection services for 12 months.
The lawsuit argues that 12 months of credit monitoring is nothing in the face of a life-long heightened risk of identity theft.
What Can Identity Thieves Do With My Information?
Stolen personally identifiable information (PII) can be used to commit identity theft, open new credit accounts, make unauthorized purchases or obtain loans. Cybercriminals have recently targeted America’s essential industries and in so doing have forced millions of Americans to face the fallout from these attacks.
Leaked or stolen data can be sold on the dark web forums and may be used for fraud and medical identity theft, a type of fraud, where threat actors use stolen information to submit forged claims to insurers.
Clients affected by the breach are exposed to a heightened and imminent risk of fraud and identity theft. They must now and in the future closely monitor their financial accounts to guard against identity theft and fraud.
If you receive a data breach notification from Continuum Health Alliance, it is essential you understand what is at risk and what you can do about it. A data breach lawyer can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft, as well as discuss your legal options at no cost to you. For more information, please review these recommendations.
Protect Your Identity. Join the Continuum Health Alliance Data Breach Class Action.
If you receive a notification letter from Continuum Health Alliance, you are at permanent risk of identity theft and the devastating financial and legal consequences that go along with it.
You may be eligible to participate in a class action lawsuit to recover compensation for loss of privacy, time spent dealing with the breach, out-of-pocket costs, and more.
The lawsuit looks to cover anyone in the USA whose private information was compromised by the breach announced by Continuum Health Alliance.
Please complete the below form shown on this page and a data breach attorney will contact you. There is no cost to you.