Advanced Medical Management Reports Data Breach Affecting 319,485 Individuals
Advanced Medical Management LLC, a provider of operational, administrative, and technical healthcare management services to large physician organizations, government agencies, and health plans, has recently announced that it was the victim of a cyberattack in which the protected health information of 319,485 individuals was exposed and potentially stolen.
The forensic investigation confirmed that unauthorized individuals gained access to parts of its network that were designed and maintained by third-party vendors. The security breach was detected on May 11, 2023, with unauthorized access occurring between May 10, 2023, and May 13, 2023.
A review was conducted of all files on the compromised systems and confirmed they contained information such as names, addresses, email addresses, phone numbers, dates of birth, driver’s license numbers, Social Security numbers, and health insurance information. Notification letters started to be mailed to affected individuals on June 29, 2023.
Californian Law Firm Orrick, Herrington & Sutcliffe Confirms Data Breach
January 5, 2024
Orrick, Herrington & Sutcliffe recently filed an amended data breach report with the Maine Attorney General that shows the data breach was much worse than initially thought. When we reported on this breach on July 7, 2023, the breach had been announced as affecting 40,823 individuals. According to the amended report that was recently submitted to the Maine Attorney General, 637,620 individuals were affected. The law firm works with companies that have suffered data breaches, only to suffer one of its own. The law firm said the affected individuals had vision plans with EyeMed Vision Care, dental plans with Delta Dental, and health insurance plans with MultiPlan or Beacon Health Options (Carlon). The U.S. Small Business Administration also had data compromised. Class action lawsuits have started to be filed in response to the breach.
Get The FREE
HIPAA Compliance Checklist
Immediate Delivery of Checklist Link To Your Email Address
Please Enter Correct Email Address
Your Privacy Respected
HIPAA Journal Privacy Policy
July 7, 2023
The San Francisco, CA-based law firm, Orrick, Herrington & Sutcliffe LLP, has recently confirmed a breach of its IT environment and the exposure of the HIPAA protected health information of up to 40,823 individuals. In a breach report submitted to the Montana Attorney General, the law firm said a potential system intrusion was detected on March 13, 2023, and the forensic investigation confirmed that unauthorized individuals had gained access to a portion of its network where client files were stored. Those files contained names, dates of birth, addresses, and Social Security numbers. The investigation also confirmed that files had been exfiltrated from its network on March 7, 2023.
Individuals affected by the attack include members of an unnamed vision health plan, which had engaged the law firm following a security breach in 2020. The law firm started sending notification letters to affected individuals on June 30, 2023, and has offered two years of complimentary identity theft monitoring services to affected individuals. Since data was stolen in the attack, anyone receiving a letter should take advantage of the services being offered through Kroll. The law firm has confirmed that additional security measures have been implemented to prevent similar attacks in the future.
