Recently, Allaire Health Services (“Allaire Healthcare Group) issued a press release confirming a data breach after an unauthorized party gained access to the company’s computer network and the sensitive consumer data contained on the network. According to Allaire, the breach resulted in the names, Social Security numbers and protected health information of certain patients being compromised. Allaire initially provided notice of the breach on May 18, 2022. Subsequently, the company sent out data breach letters to all affected parties.

If you received a data breach notification, it is essential you understand what is at risk and what you can do about it. To learn more about how to protect yourself from becoming a victim of fraud or identity theft and what your legal options are in the wake of the Allaire Healthcare Group data breach, please see our recent piece on the topic here.

What We Know About the Allaire Healthcare Group Data Breach

According to the Allaire Health Services press release, on November 25, 2021, the company first identified suspicious activity relating to an employee's email account. In response, Allaire secured the email account and began an investigation into the incident with the assistance of cybersecurity specialists. This investigation confirmed that an unauthorized party was able to access the employee’s email account and all attachments between November 10, 2021 and November 24, 2021.

Subsequently, Allaire Healthcare Group learned that the files accessible to the unauthorized party contained sensitive patient information. While the breached information varies depending on the individual, it may include your first and last name, Social Security number, Allaire-issued unique client identifier number, driver's license number, passport number, financial account number, payment card information, information regarding medical history, treatment or diagnosis, prescription information, and/or health insurance information.

On May 18, 2022, Allaire Healthcare Group sent out data breach letters to all individuals whose information was compromised as a result of the recent data security incident.

More Information About Allaire Health Services

Allaire Health Services, also known as Allaire Healthcare Group, is a healthcare provider and nursing home care provider serving those in New York, New Jersey and Pennsylvania. Allaire Healthcare Group operates five facilities, including Allaire Rehab and Nursing, Morris View Healthcare Center, Grandview Nursing and Rehabilitation, Morristown Post Acute Rehabilitation and Nursing Center, and the Center for Living and Rehabilitation. Allaire Healthcare Group employs more than 170 people across all locations and generates approximately $15 million in annual revenue.

How to Handle a Data Breach to Reduce the Risk of Identity Theft

Allaire indicated that it sent affected consumers data breach notification letters. In these letters, the company will provide you with a list of your information that was compromised in the recent breach. If you receive a data breach notification in the mail from Allaire, it means that a hacker or cybercriminal may have had access to your personal data. How they intend to use this information is anyone’s guess; however, given the risk of identity theft and other types of fraud that follow in the wake of a data breach, it is important you remain vigilant.

Below are a few steps you can take following a data breach to reduce the risk of identity theft or other frauds:

1.) Carefully reread view the Allaire “Notice of Data Breach” letter keeping in mind the date you provided the company with your information as well as what type of data was compromised in the breach. Unless the company made a mistake, the fact you received a letter means your information was among that which was leaked in the breach.

2.) Once you determine what information was impacted, the next step is to take remedial measures to prevent any fraud on your accounts. Notably, the Allaire breach compromised sensitive information, such as Social Security numbers, bank account numbers, and payment card information. These data types are easily used by hackers to steal your identity. Thus, changing all passwords and security questions is the bare minimum you should do. You should also set up multi-factor authentication and consider adding a fraud alert to your credit profile.

3.) Allaire is offering anyone affected by the breach complimentary identity monitoring and protection services. This is not a gimmick, and you do not forfeit any of your rights to pursue a claim against the company by signing up for free credit monitoring.

4.) Adding a credit freeze to your credit profile adds an additional lawyer of protection. A credit freeze is different from a fraud alert in that it prevents all access to your credit report unless you specifically authorize it. Credit freezes are free and remain in place until you remove them. According to the Identity Theft Resource Center (“ITRC”), adding a credit freeze is the “single most effective way to prevent a new credit/financial account from being opened.”

5.) Ensuring you are protected—and stay protected—after a data breach requires an ongoing effort. To ensure your accounts remain fraud-free, you should continually monitor your credit report and all financial accounts. When reviewing your accounts, look out for any signs of unauthorized activity or fraud.