Rockford Gastroenterology Associates (RGA), located in Rockford, Illinois, experienced a cyberattack that impacted part of its network. The incident, which occurred on December 16, 2023, involved unauthorized access to unstructured data within the network. While the breach did not affect the organization’s electronic health records system, certain personal and health information of patients was accessed. Upon discovering the attack, RGA swiftly contained the compromised systems and launched an immediate investigation with the assistance of third-party cybersecurity experts to assess the extent of the damage.
The investigation revealed that unauthorized parties accessed certain files containing personal patient information, including health data, but no evidence of misuse or identity theft was found. RGA worked closely with its cybersecurity team to determine the full scope of the breach, taking appropriate measures to prevent further unauthorized access. The organization also conducted a thorough review of the affected data and began notifying the individuals potentially impacted by the incident, ascertaining their mailing addresses to ensure direct communication.
To protect those affected, RGA recommended patients remain vigilant by reviewing financial account statements and Explanation of Benefits documents for any signs of fraudulent activity. Additionally, the organization suggested that patients place fraud alerts on their credit files and consider putting security freezes in place to prevent unauthorized access to their financial information. RGA emphasized the importance of monitoring credit reports and promptly reporting any suspicious activity to mitigate the risk of identity theft.
RGA has assured its patients that it is committed to safeguarding their personal information and has implemented measures to enhance its data security practices moving forward. The organization has expressed its gratitude for the trust patients have placed in it and has made a dedicated toll-free response line available for those with questions regarding the incident. RGA is continuing to work with cybersecurity experts to fortify its systems and prevent similar attacks in the future, reinforcing its commitment to patient privacy and security.
Reference:
