The American Osteopathic Association has just begun notifying nearly 28,000 individuals about a June 2020 data exfiltration incident involving their personal information. The medical professional organization says workforce challenges during the pandemic led to the delayed identification of people affected by the data breach.
In a breach report submitted on Wednesday to the state of Maine’s attorney general office, AOA says the incident affected about 27,500 individuals, including 209 Maine residents.
AOA, in a sample breach notification letter provided to Maine’s attorney general’s office, says that on June 25, 2020, AOA became aware of “suspicious activity” relating to certain systems. AOA worked with third party forensic investigators to examine the nature and scope of the activity, and the AOA systems of interest, the letter notes.