Consulting Radiologists LTD. (CRL), a physician-owned sub-specialty radiology practice, recently announced a data security incident involving the sensitive information of its patients. While CRL has not detected any fraudulent misuse of the compromised data, the organization is providing details about the incident, its response measures, and resources to help affected individuals protect their information. CRL emphasizes its commitment to the protection and proper use of patient data.
The incident was detected on February 12, 2024, when CRL identified suspicious activity within its network environment. Upon discovering the breach, CRL immediately secured its network and enlisted a specialized cybersecurity firm to investigate the nature and extent of the unauthorized access. The investigation revealed that an unauthorized actor had accessed certain files and data stored on CRL’s network. Following this discovery, CRL undertook a thorough and time-intensive review of the data affected by the incident. By April 17, 2024, CRL identified the individuals whose sensitive information was compromised.
The data potentially accessed and acquired by the unauthorized actor includes names, addresses, dates of birth, Social Security numbers, health insurance information, and medical information. Although there is no evidence to suggest that any of this information has been misused, CRL is notifying affected individuals out of an abundance of caution and in the interest of full transparency.
In response to the breach, CRL has made data security a top priority. The organization swiftly initiated an investigation, engaging a leading forensic investigation firm to assess and confirm the security of its network environment. CRL has also implemented additional monitoring tools and continues to enhance its system security to prevent future incidents. The protection and proper use of personal information remain paramount to CRL, as it works diligently to safeguard the data of its patients and maintain their trust.
Reference:
