NEW YORK, Sept. 7, 2018 /PRNewswire/ — Catholic Charities Neighborhood Services, Inc. (“CCNS”) recently discovered an incident that may impact certain CCNS patient information.
On July 13, 2018, CCNS became aware of suspicious activity within an employee’s email account. Upon learning of this suspicious email activity, CCNS promptly launched an internal investigation, with the assistance of third-party forensic investigators. Through this investigation, CCNS learned that an employee had received a spam phishing email and inadvertently provided his/her email credentials to an unauthorized actor. As a result of this phishing attack, the unauthorized actor accessed the CCNS employee email account on July 3, 2018.
After conducting a comprehensive forensic investigation into the incident, on or about August 16, 2018, CCNS confirmed that the impacted email account contained, and the unauthorized actor accessed, the following types of patient information: name, date of birth, Social Security number, Medicaid ID number, diagnosis information, medications, date of admission/discharge, and/or hospital name. CCNS does not currently have any evidence of actual or attempted misuse of the information impacted as a result of this incident.
On September 7, 2018, CCNS began mailing notification letters to the impacted patients, and is offering those affected complimentary access to credit monitoring and identity protection services. In addition to working with a third-party forensic investigator to conduct an investigation, CCNS is taking additional actions to strengthen the security of their email systems, as well as providing additional training to users on how to identify phishing scams.
CCNS encourages impacted individuals to remain vigilant against incidents of identity theft and fraud, to review account statements, and to monitor their credit reports and explanation of benefits forms for suspicious activity. CCNS is providing impacted individuals with contact information for the three major credit reporting agencies, as well as providing advice on how to obtain free credit reports and how to place fraud alerts and security freezes on their credit files. The relevant contact information is below:
Impacted individuals may also find information regarding identity theft, fraud alerts, security freezes and the steps they may take to protect their information by contacting the credit bureaus and the Federal Trade Commission. The Federal Trade Commission can be reached at: 600 Pennsylvania Avenue NW, Washington, DC 20580; www.identitytheft.gov; 1-877-ID-THEFT (1-877-438-4338); and TTY: 1-866-653-4261.
CCNS set up a call center to answer questions from those who might be impacted by this incident. Anyone with additional questions about the incident, including whether you are affected, may contact the call center at (800) 939-4170 (toll-free), Monday through Friday, 9:00 a.m. to 8:00 p.m. EDT. CCNS values their patients’ privacy and security and deeply regrets any concern or inconvenience this incident causes.
SOURCE Catholic Charities Neighborhood Services, Inc.