On February 19, 2025, Central New York Cardiology (“CNYC”) filed a notice of data breach with the U.S. Department of Health and Human Services Office for Civil Rights after confirming that an unauthorized party had access to its computer network. In this notice, CNYC explains that the incident resulted in an unauthorized party being able to access patients’ sensitive information, which includes their names, addresses, dates of birth, driver’s license numbers, Social Security numbers, medical information, health insurance information, and financial account information. Upon completing its investigation, Central New York Cardiology began sending out data breach notification letters to all individuals whose information was affected by the recent data security incident.
If you received a data breach notification from Central New York Cardiology, it is essential you understand what is at risk and what you can do about it. A data breach lawyer can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft, as well as discuss your legal options following the Central New York Cardiology data breach. For more information, please see our recent piece on the topic here.
What Caused the Central New York Cardiology Data Breach?
The Central New York Cardiology data breach was only recently announced, and more information is expected in the near future. However, Central New York Cardiology’s filing with the U.S. Department of Health and Human Services Office for Civil Rights provides some important information on what led up to the breach.
According to this source, Central New York Cardiology recently detected suspicious activity within its computer network. In response, CNYC secured its network and then brought on a team of outside cybersecurity experts to assist with an investigation.
Through this investigation, Central New York Cardiology learned that parts of its IT network were accessed by an unauthorized party between December 26, 2024 and December 30, 2024, including files containing confidential patient information.
After learning that sensitive patient data was accessible to an unauthorized party, Central New York Cardiology reviewed the compromised files to determine what information was leaked and which patients were impacted. While the breached information varies depending on the individual, it may include your name, address, date of birth, driver’s license number, Social Security number, medical information, health insurance information, and financial account information.
On February 13, 2025, Central New York Cardiology sent out data breach letters to anyone who was affected by the recent data security incident. These letters should provide victims with a list of what information belonging to them was compromised.
More Information About Central New York Cardiology
Central New York Cardiology is a medical practice specializing in the diagnosis and treatment of cardiovascular diseases. Headquartered in Utica, New York, the practice provides comprehensive cardiac care, including diagnostic testing, interventional cardiology, electrophysiology, and preventive heart health services. CNYC operates approximately five locations in the Central New York area. The organization employs approximately 99 people and generates an estimated $23 million in annual revenue.
