Prentke Romich Company, doing business as PRC-Saltillo, issued a notification regarding a data security incident that may have affected the privacy of some individuals’ information. The breach was detected on August 21, 2024, when suspicious activity was observed on the company’s computer network. Upon investigation, it was discovered that between August 13 and August 21, 2024, an unauthorized actor potentially copied certain files from the company’s network, including files containing sensitive personal information. PRC-Saltillo began an immediate investigation into the event and took steps to secure their systems.
The data involved in the breach included personal details such as names, addresses, phone numbers, dates of birth, health insurance policy numbers, medical device purchase information, and referring physician details. PRC-Saltillo has stated that they are taking the matter seriously, initiating measures to protect affected individuals and prevent future incidents. The company has also initiated a review of its policies and procedures related to data security and information storage.
As a precautionary measure, PRC-Saltillo is offering complimentary credit monitoring and identity theft protection services through Experian for those affected by the breach. The company encourages individuals to monitor their accounts, review credit reports, and take advantage of the free monitoring services provided. Additionally, PRC-Saltillo included guidance on steps individuals can take to protect their personal information moving forward.
The breach was linked to the ransomware group Fog, who claimed to have stolen 250GB of data from PRC-Saltillo. While the group posted the company’s information on their data leak site, PRC-Saltillo has not confirmed whether a ransom was paid or how the system infiltration occurred. The company is continuing its investigation and working on strengthening security measures to safeguard personal information in the future.
Reference:
