ARx Patient Solutions recently filed a data breach notice with the Attorney General of Maine after detecting unauthorized access to an employee’s M365 email account on June 30, 2023. This breach resulted in the exposure of sensitive consumer information, such as names, Social Security Numbers, medical details, and health insurance information. Following the discovery, ARx took immediate action by disabling the compromised email account, containing the situation, and engaging external cybersecurity experts to conduct a thorough investigation.
The investigation confirmed the unauthorized access and revealed that certain files containing confidential consumer data were accessible to the intruder. ARx diligently reviewed the compromised files to determine the extent of the breach and identify affected individuals. The breached information varied but included personal details like names, Social Security Numbers, medical records, and health insurance information, posing a significant risk to those impacted.
In response to the breach, ARx Patient Solutions promptly initiated the process of notifying all individuals affected by the security incident. These notification letters were intended to inform victims about the specific information compromised and provide guidance on steps they could take to mitigate any potential risks associated with the breach. ARx demonstrated a commitment to transparency and accountability by swiftly addressing the breach and prioritizing the protection of consumer data.
