Ott Cone & Redpath, P.A., a legal services provider to healthcare entities based in Greensboro, North Carolina, has reported a cyberattack affecting its systems, which was discovered on October 31, 2024. The attack targeted the firm’s email account, potentially compromising protected health information (PHI) and personally identifiable information (PII) of certain individuals. In response to the breach, the firm worked closely with cybersecurity experts to secure its systems and thoroughly investigate the nature and scope of the incident. While no misuse of the compromised data has been detected, Ott Cone is taking proactive measures to notify affected individuals.
The breach may have exposed sensitive personal data, including names, dates of birth, social security numbers, medical treatment information, and health insurance details. In some cases, limited financial account information was also involved. Although Ott Cone has not found any evidence that the information was misused, the firm has moved forward with a comprehensive notification process to inform affected individuals. As an additional precaution, those whose data was compromised are being offered 12 months of free credit monitoring and identity theft protection services through IDX.
In addition to providing credit monitoring services, Ott Cone is advising affected individuals to take further steps to protect their information. These steps include contacting the nationwide credit-reporting agencies to place a fraud alert on their credit files. The fraud alert will remain on the affected individuals’ credit files for 90 days, offering an added layer of protection against potential identity theft. Ott Cone has emphasized the importance of vigilance in monitoring personal and financial accounts in the aftermath of the breach.
The firm has expressed its commitment to safeguarding sensitive information and has already implemented a series of cybersecurity improvements. These enhancements aim to prevent similar incidents from occurring in the future. Ott Cone continues to evaluate its internal processes and systems to ensure the highest level of security for the personal information it handles. As the firm works to resolve the incident, it reassures affected individuals that it is taking all necessary steps to protect their privacy and security.
Reference:
