Illinois Gastroenterology Group, PLLC Reports a New Security Incident

20
Illinois Gastroenterology Group_ PLLC Provides Notice of a Security Incident-01

Illinois Gastroenterology Group, PLLC (“IGG”) is providing notice of a recent incident that may affect the security of certain individuals’ information.

On October 22, 2021, IGG discovered unusual activity within its computer network. IGG immediately launched an investigation, with the assistance of third-party cybersecurity specialists, to determine the nature and scope of the event. On November 18, 2021, the investigation determined that an unauthorized actor gained access to certain IGG systems and that information contained in those systems may have been viewed or taken by the unauthorized actor.

IGG reviewed the information contained within the systems to identify if any individual’s personal information or protected health information was potentially impacted. On March 22, 2022, IGG determined the personal information of individuals including the following types of information that IGG maintains in its systems and that were or may have been, impacted by this incident include: name, address, date of birth, Social Security number, driver’s license, Passport, financial account information, payment card information, employer-assigned identification number, medical information, and biometric data. To date, IGG has not received any reports of fraudulent misuse of any information potentially impacted.

IGG takes this incident and the security of personal information in its care seriously. IGG moved quickly to investigate and respond to this incident, assess the security of its systems, and notify potentially affected individuals. In response to this incident, IGG augmented its policies and procedures addressing network security. IGG accelerated the implementation of an enhanced managed Security Operations Center including the deployment of endpoint detection and response platform in response to this event with policies enabled specially for ransomware. IGG immediately reset passwords and employees with privileged access to sensitive systems were enrolled into our multifactor authentication platform. IGG is also notifying potentially affected individuals so that they may take further steps to protect their information, should they feel it is appropriate to do so.

Also Read: Cybersecurity in 2022 – The Need for Next-Generation E-Mail Security

IGG established a dedicated assistance line for individuals seeking information regarding this incident. Individuals seeking additional information may call the toll-free assistance line at 1-833-559-1331. This toll-free number is available Monday through Friday from 9:00 a.m. to 9:00 p.m. Eastern Time, excluding major U.S. holidays. Individuals may also write to IGG at Illinois Gastroenterology Group, PLLC, Attention: Chief Operating Officer, P.O. Box 7630, Gurnee, IL 60031.

Potentially affected individuals may also consider the information and resources outlined below. IGG encourages potentially impacted individuals to remain vigilant against identity theft and fraud by reviewing their account statements, credit reports, and explanation of benefits forms for suspicious activity and to report any suspicious activity promptly to their bank, financial institution, insurance company, health care provider, law enforcement, or their state Attorney General.

Consumers have the right to place an initial or extended “fraud alert” on a credit file at no cost. An initial fraud alert is a one-year alert that is placed on a consumer’s credit file. Upon seeing a fraud alert display on a consumer’s credit file, a business is required to take steps to verify the consumer’s identity before extending new credit. If an individual is the victim of identity theft, they are entitled to an extended fraud alert, which is a fraud alert lasting seven years. Should they wish to place a fraud alert, they may contact any one of the three major credit reporting bureaus listed below.

As an alternative to a fraud alert, consumers have the right to place a “credit freeze” on a credit report, which will prohibit a credit bureau from releasing information in the credit report without the consumer’s express authorization. The credit freeze is designed to prevent credit, loans, and services from being approved in an individual’s name without their consent. However, individuals should be aware that using a credit freeze to take control over who gets access to the personal and financial information in their credit report may delay, interfere with, or prohibit the timely approval of any subsequent request or application they make regarding a new loan, credit, mortgage, or any other account involving the extension of credit. Pursuant to federal law, an individual cannot be charged to place or lift a credit freeze on their credit report. To request a credit freeze, individuals will need to provide the following information:

  1. Full name (including middle initial, as well as Jr., Sr., II, III, etc.);
  2. Social Security number;
  3. Date of birth;
  4. Addresses for the prior two to five years;
  5. Proof of current address, such as a current utility bill or telephone bill;
  6. A legible photocopy of a government-issued identification card (state driver’s license or ID card, etc.); and
  7. A copy of either the police report, investigative report, or complaint to a law enforcement agency concerning identity theft if they are a victim of identity theft.

For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.