Cyber Incident Victim: Med Associates

On March 22, 2018, Med Associates, Inc., a claims processor for medical providers in the Albany, NY area, detected unusual activity on an employee’s workstation occurring that same day. The organization immediately initiated an investigation with its IT vendor and later engaged a third-party forensic firm to assist. The forensic investigation confirmed unauthorized access to the workstation, though no evidence indicated specific access or misuse of patient information. The compromised workstation potentially exposed patient data including names, dates of birth, addresses, dates of service, medical diagnosis codes, procedure codes, and insurance information such as insurance ID numbers. Notably, the workstation did not contain or provide access to banking details or credit card information. Med Associates emphasized the ongoing nature of their investigation while acknowledging the inability to definitively rule out data access or misuse due to the breach’s circumstances.

Following the incident, Med Associates secured the affected workstation and implemented stricter information security protocols. The organization augmented staff training programs focused on data privacy and security practices. Between March and June 2018, Med Associates prepared notifications to potentially affected patients, distributed via mail by June 14, 2018. These notifications outlined the incident’s scope and offered one year of complimentary credit monitoring and identity restoration services through TransUnion. A dedicated assistance line (855-206-9883) operated weekdays from 9:00 a.m. to 9:00 p.m. ET was established to address patient inquiries. Med Associates reiterated its prioritization of data security while expressing regret for potential patient concerns, though no concrete evidence of data misuse had been identified at the time of disclosure.