On June 9, 2023, AtlantiCare posted a “Notice of Third-party Security Incident'' on its website related to a third-party data breach involving two other companies, Intellihartx, LLC (“ITx”) and Fortra, LLC. Based on the company’s Notice, the incident resulted in an unauthorized party gaining access to consumers’ names, Social Security numbers, addresses, medical billing and insurance information, diagnoses and medications, and dates of birth. After confirming that consumer data was leaked, AtlantiCare began sending out data breach notification letters to all individuals who were impacted by the recent data security incident.
If you received a data breach notification from AtlantiCare, IntelliHartx or Fortra, it is essential you understand what is at risk and what you can do about it. The AtlantiCare breach is especially complex due to the involvement of two other companies. However, each of the companies involved owes a duty to protect the confidential information in its possession, and any of the three could be financially liable to consumers in the wake of the breach. To learn more about how to protect yourself from becoming a victim of fraud or identity theft and what your legal options are in the wake of the AtlantiCare data breach, please see our recent piece on the topic here.
What We Know So Far About the AtlantiCare Breach
News of the AtlantiCare data breach is still fresh; however, what we know at this point comes from the company’s “Notice of Third-party Security Incident Impacting AtlantiCare Patient Data.” According to this source, on February 2, 2023, IntelliHartx discovered that Fortra’s secure file transfer protocol system used by the company was subject to a data privacy event that potentially impacted ITx clients’ patient information. In response, Fortra deleted all unauthorized accounts, rebuilt the platform and released a patch to resolve the vulnerability.
ITx then conducted its own investigation to determine what, if any, patient information was leaked as a result of the incident. On May 19, 2023, ITx confirmed that certain AtlantiCare patients’ confidential information was subject to unauthorized access as a result of the GoAnywhere vulnerability.
Upon discovering that sensitive consumer data was made available to an unauthorized party, ITx began to review the affected files to determine what information was compromised and which consumers were impacted. While the breached information varies depending on the individual, it may include your name, Social Security number, address, medical billing and insurance information, diagnosis and medication, and date of birth.
On June 9, 2023, AtlantiCare sent out data breach letters to all individuals whose information was compromised as a result of the recent data security incident.
More Information About AtlantiCare
AtlantiCare is a healthcare system based in Atlantic City, New Jersey. The company provides a range of services at its various locations, including bariatrics, cancer care, behavioral health, urgent care and emergency care. AtlantiCare operates ten locations in South Jersey, including in Manahawkin, Mays Landing, Atlantic City, Brigantine, Pomona, Hammonton, Egg Harbor Township, and Cape May Courthouse. AtlantiCare employs more than 5,437 people and generates approximately $1.9 billion in annual revenue.