Access Sports Medicine & Orthopaedics has reported a significant cybersecurity breach affecting personal health information. The incident, which was first detected on May 10, 2024, involved suspicious activity in the company’s network. An initial investigation revealed that a local threat actor had compromised a test computer, leading to unauthorized access to certain files and data. This breach, while involving a test computer with dummy data, raised concerns when it was discovered that personal health information (PHI) of some individuals had been exposed.
The compromised data includes a range of sensitive information, such as names, dates of birth, medical information, Social Security numbers, health insurance details, and limited financial data. Access Sports Medicine took immediate action by disconnecting its network, changing administrative credentials, and restoring operations securely. The company has also engaged a specialized cybersecurity firm to thoroughly investigate the breach and assess the full extent of the impact.
In response to the incident, Access Sports Medicine is providing affected individuals with free credit monitoring services through Cyberscout. These services include alerts for changes to credit files and proactive fraud assistance. The organization is committed to ensuring the privacy and security of personal information and is implementing enhanced security measures to prevent future breaches. As of now, there have been no reports of identity theft linked to the breach.
Individuals impacted by the breach are being notified via mail, and those who have not received a letter but believe they may be affected can contact Access Sports’ dedicated assistance line at 1-833-531-2016. The company encourages everyone to remain vigilant, review account statements, and monitor credit reports for any unusual activity. Access Sports Medicine remains focused on protecting personal information and will continue to update affected individuals with any new developments.
Reference:
