Ransomware Attack At Enzo Biochem Exposes 2.5 Million To Identity Theft Featured

Preliminary investigation into Enzo Biochem cyberattack reveals personal and sensitive information of 2.5 million patients and employees are at risk of identity theft.

Enzo Biochem, Inc. is in the process of notifying approximately 2.5 million people across the United States that their protected health information and Social Security numbers were compromised when hackers breached their computer system earlier this year. This information may now be in the hands of criminals looking to steal their identities.

What Is Known So Far

On May 30, 2023, Enzo Biochem, a New York-based life sciences and biotechnology company, filed documents with the Securities and Exchange Commission announcing the breach. The SEC filing notes that there were 2,470,000 people who were impacted by the incident, 600,000 of whom had their Social Security numbers leaked.

While the Enzo Biochem breach impacted those who had testing performed by the company, it is possible that your information may have been compromised, even if you don’t recall undergoing any Enzo Biochem tests. The company has also announced that it is still in the process of determining whether the breach impacted employees of the company.

The external system breach occurred on April 6, 2023, at which point Enzo Biochem was able to confirm that the incident stemmed from a ransomware attack. On April 11, 2023, Enzo Biochem determined that the incident involved the Social Security numbers and protected health information of millions of patients.

What Information Was Stolen?

The list of sensitive information that was exposed includes patients’ Social Security numbers, driver’s license numbers, financial information and protected health information – including medical and health insurance information.

Protected health information, also referred to as PHI, includes all private information patients provide to their healthcare providers during the court of treatment, as well as any information the provider learns about the patient. In this case, the protected health information that was leaked appears to be clinical test information. 

What should you do if you receive an Enzo Biochem data breach letter?

After a company experiences a data breach, they are often required to send all affected parties a data breach notification letter. However, because Enzo Biochem is still in the process of investigating the impact of the recent ransomware attack, the company may not have yet sent out these letters. According to the Enzo Biochem 8-k filing on May 30, 2023, the company plans to notify all victims of the breach.

Individuals who receive a data breach letter from Enzo Biochem should take steps to protect themselves. Further, consider contacting a data breach attorney immediately. Those patients who received a data breach letter from Enzo Biochem may be entitled to financial compensation.

In the data breach letter, Enzo Biochem will very likely offer victims of the breach free credit monitoring and identity protection services. If so, victims should enroll in this service immediately. However, consumers should also know that one year of credit monitoring is not enough to protect them from the risks of a data breach.

If you receive a data breach notice from Enzo Biochem, you are one of nearly 2.5 million people who might now be at risk of identity theft and the life-interrupting financial and legal consequences that go along with it.

Case Status: Open – Not Accepting New Clients


Leave a Reply

Your email address will not be published. Required fields are marked *