Mohawk Valley Cardiology, P.C., based in Utica, New York, recently disclosed a data breach that may have exposed sensitive patient information. On September 12, 2024, the company determined that an unauthorized third party had accessed certain portions of its network. This breach potentially compromised consumer data stored within its systems.
The breach affected at least two individuals in Massachusetts, according to a filing with the Massachusetts Attorney General's Office. The exposed data includes sensitive medical and personal information.
The compromised information may include:
The breach was serious in nature, as it involved highly sensitive medical and insurance data. This type of information could be exploited for identity theft or insurance fraud, making the incident particularly concerning for those affected.
Upon discovering the breach, Mohawk Valley Cardiology took immediate steps to address the situation. The company launched an investigation with the assistance of an incident response team and data security professionals. Law enforcement was also involved in the investigation.
In addition to investigating the breach, the organization has implemented enhanced security controls to mitigate the risk of future incidents. To support affected individuals, Mohawk Valley Cardiology is offering 12 or 24 months of free credit monitoring and cyber monitoring services through Cyberscout, a subsidiary of TransUnion. These services include:
Affected individuals can enroll in these services by visiting the enrollment website provided in the notification letter and using their unique code. Enrollment must be completed within 90 days of receiving the notification.
If you have received a notification from Mohawk Valley Cardiology regarding this breach, it is important to take steps to protect your personal and financial information. Here’s what you should do:
By taking these steps, you can reduce the risk of identity theft and protect your personal information from further exposure.