On June 2, 2023, CareNet Medical Group, PC (“CMG”) filed a notice of data breach with the Attorney General of Vermont after learning that hackers were able to obtain confidential patient information stored on the company’s IT network. Based on the company’s official filing, the incident resulted in an unauthorized party gaining access to consumers’ full names, Social Security numbers, addresses, driver’s license numbers, bank account numbers, bank account routing numbers, dates of birth, medical reference numbers, Medicare numbers, cell phone numbers, home phone numbers, health insurance information, and email addresses. After confirming that consumer data was leaked, CareNet began sending out data breach notification letters to all individuals who were impacted by the recent data security incident.

If you received a data breach notification from CareNet Medical Group, it is essential you understand what is at risk and what you can do about it. Healthcare providers have become the preferred target of many hackers due to the immense amount of highly sensitive patient information these organizations possess. However, there are steps victims of a breach can take to reduce the risk of falling victim to identity theft and other frauds. To learn more about how to protect yourself from becoming a victim of fraud or identity theft and what your legal options are in the wake of the CareNet Medical Group data breach, please see our recent piece on the topic here.

What We Know So Far About the CareNet Medical Group Breach

News of the CareNet Medical Group data breach is still fresh; however, what we know at this point comes from the company’s filing with the Attorney General of Vermont. The company also posted a “Notice of Data Security Incident” on its webpage. According to these sources, CMG recently learned that the company had been the target of a cyberattack. In response, CMG secured the threat and then consulted with a team of cybersecurity professionals to assist with the company’s investigation.

On April 26, 2023, the CareNet investigation confirmed that an unauthorized party was able to access the company’s network and remove certain files between May 9, 2022 and June 4, 2022. It was later revealed that some of the files contained confidential patient information.

Upon discovering that sensitive consumer data was made available to an unauthorized party, CareNet Medical Group began to review the affected files to determine what information was compromised and which consumers were impacted. While the breached information varies depending on the individual, it may include your full name, Social Security number, address, driver’s license number, bank account number, bank account routing number, date of birth, medical reference number, Medicare number, cell phone number, home phone number, health insurance information, and email addresses.

On June 2, 2023, CareNet Medical Group sent out data breach letters to all individuals whose information was compromised as a result of the recent data security incident.

More Information About CareNet Medical Group, PC

Established in 1983, CareNet Medical Group, PC is a women’s healthcare practice located in Schenectady, New York. The practice provides OB / GYN care, as well as vaginal rejuvenation, fertility testing and treatment, and gynecological surgery to patients throughout the Capital District. CareNet operates two facilities in Schenectady and Clifton Park. CareNet Medical Group employs more than 25 people and generates approximately $6 million in annual revenue.