Smith, Gambrell & Russell LLP recently notified 3,370 individuals that their protected health information may have been exposed and stolen by unauthorized parties. The breach was detected on January 28, 2024, when suspicious activity was identified in the firm’s computer network. An investigation by third-party computer forensics specialists revealed that sensitive documents containing personal and medical information had been accessed without authorization.
The compromised documents were found to include names along with various sensitive details such as addresses, Social Security numbers, driver’s license numbers, government IDs, and medical information including treatment and diagnosis history. The review of the affected documents confirmed the extent of the data exposure and highlighted the seriousness of the breach.
In response to the incident, Smith, Gambrell & Russell LLP has implemented several enhanced security measures to protect against future breaches. The firm has upgraded its endpoint monitoring software, conducted a global password reset, and introduced additional security protocols to safeguard sensitive information.
The law firm has taken these steps to prevent further unauthorized access and to ensure the security of its computer network. Individuals affected by the breach are being informed and advised on how to protect their personal information.
Reference: