On July 24, 2024, American Clinical Solutions, based in Sun City, Florida, filed a data breach notice with the U.S. Department of Health and Human Services Office for Civil Rights. This breach involved unauthorized access to sensitive information affecting approximately 300,000 consumers, a significant decrease from earlier estimates of 400,000. ACS is expected to send data breach notification letters to those affected, providing details about the compromised information.
The breach was reported following an incident in May 2024 when ACS was targeted by a notorious hacker group that claimed to have stolen medical records from its facilities. The hackers had demanded a ransom and threatened to leak the data on the dark web if not paid by May 25, 2024. While it remains unclear if ACS complied with the ransom demands, the breach notice indicates a serious compromise of consumer data.
As investigations continue, ACS’s filing with the HHS provides limited details about the breach’s circumstances and the specific vulnerabilities exploited. However, news coverage has highlighted the urgency of the situation, as ACS navigates the fallout from this significant security incident. The company is working to ensure transparency and accountability while managing the impact on its clients.
Founded in 2008, American Clinical Solutions specializes in various testing services, including drug screening, and employs over 125 staff members. With annual revenues around $20 million, the company aims to maintain its reputation in the healthcare industry despite the challenges posed by this data breach.
Reference: