Catholic Health Announces Third-Party Data Breach at Minimum Data Set Consultants Leaked Patient Data

Console and Associates, P.C.
Contact

On May 5, 2023, Catholic Health posted notice of a third-party data breach following an incident at one of the organization’s vendors, Minimum Data Set Consultants, LLC. Based on the Catholic Health notice, the incident resulted in an unauthorized party gaining access to patients’ names, birthdates, demographic information, Social Security numbers, Medicare numbers, and diagnosis information. After confirming that consumer data was leaked, Catholic Health began sending out data breach notification letters to all individuals who were impacted by the recent data security incident.

If you received a data breach notification from Catholic Health or Minimum Data Set Consultants, LLC, it is essential you understand what is at risk and what you can do about it. As we’ve previously mentioned in other posts, healthcare data breaches often provide hackers with everything they need to commit complex frauds against victims, including identity theft. To learn more about how to protect yourself from becoming a victim of fraud or identity theft and what your legal options are in the wake of the Catholic Health data breach, speak with a data breach lawyer.

What We Know So Far About the Catholic Health Breach

News of the Catholic Health data breach is still fresh; however, what we know at this point comes from the company’s blog post dated May 5, 2023. According to this source, Minimum Data Set Consultants that Catholic Health relies upon for consulting services. In late March 2023, Minimum Data Set Consultants learned of suspicious activity within its computer network. In response, the company launched an investigation, confirming that an unauthorized party accessed certain files on its network on or around August 27, 2023.

Upon discovering that sensitive consumer data was made available to an unauthorized party, Catholic Health began to review the affected files to determine what information was compromised and which consumers were impacted. While the breached information varies depending on the individual, it may include your name, birth date, demographic information, Social Security number, Medicare number, and diagnosis information.

While Catholic Health has not been able to verify exactly which patient records were accessed, in an abundance of caution, the company is notifying all patients whose information was exposed.

On May 5, 2023, Catholic Health sent out data breach letters to all individuals whose information was compromised as a result of the recent data security incident.

More Information About Catholic Health

Founded in 1998, Catholic Health is a healthcare system based in Buffalo, New York. The company operates several hospitals and primary care providers in the area, including Kenmore Mercy Hospital, Mercy Hospital of Buffalo, Mount St. Mary's Hospital, Sisters of Charity Hospital, and St. Joseph Campus. Catholic Health employs more than 9,500 people and generates approximately $1.5 billion in annual revenue.

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Console and Associates, P.C. | Attorney Advertising

Written by:

Console and Associates, P.C.
Contact
more
less

PUBLISH YOUR CONTENT ON JD SUPRA NOW

  • Increased visibility
  • Actionable analytics
  • Ongoing guidance

Console and Associates, P.C. on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide