Coastal Medical Group, Old Bridge, is notifying patients of a data security incident that involved the patients’ health information.
On April 21, the practice discovered that certain of its computer systems were being affected by a data security event that the practice believes began on March 25, 2021, according to a prepared statement.
After discovering the unusual activity, the practice initiated its incident response and recovery procedures and worked quickly to assess the security of its systems, according to the statement.
The investigation determined that the incident resulted in the unauthorized access and acquisition of certain files on the practice’s computer systems, according to the statement.
As a result, Coastal Medical Group is notifying all of its patients to make them aware of the event and offer resources to help ensure their information remains protected.
The practice also notified the U.S. Department of Health and Human Services of this incident as well as the Federal Bureau of Investigation (FBI) and are cooperating with the FBI’s criminal investigation of the individual(s) responsible for this event, according to the statement.
In addition, Coastal Medical has taken steps, including implementation of additional safeguards, to try and prevent similar incidents in the future, according to the statement.
The information affected by the incident may have included full name, home address, date of birth, and other demographic and contact information, Social Security number, insurance information, and diagnosis and treatment information.
The affected computer systems did not contain any payment card or financial account information.
Although the practice has no evidence that any information has actually been misused, individuals should always remain alert by regularly reviewing account statements and monitoring free credit reports, and immediately report to their banks and other financial institutions any suspicious activity involving their accounts according to the statement.
The practice has offered credit monitoring and identity theft protection services to affected patients at no charge.
The practice has set up a toll-free number to answer patients’ questions about the incident. Practice patients may call 833-210-4611 between the hours of 9 a.m. and 11:00 p.m. Eastern Time Monday through Friday, and 11 a.m. and 8 p.m. Eastern Time Saturday and Sunday for more information.