Phillip Galyen P.C. (“Galyen”) announced today that it recently detected a data security incident which may have resulted in unauthorized access or acquisition of the personal information of some clients and employees of Galyen.
Galyen conducted an investigation and hired independent computer forensic investigators to help determine what happened. The investigation discovered that a malicious actor may have accessed the Galyen network without authorization. The malicious actor may have also accessed and acquired certain personal information associated with clients and employees of Galyen.
This incident may have involved information individuals provided to Galyen in connection with their representation or employment. The information may include individuals’ names, dates of birth, driver’s license or personal identification card numbers, Social Security Numbers, payment account numbers, payment card information, biometric data including but not limited to medical information and history, medical diagnosis and treatment information, health insurance information, and other personal information.
In coordination with the computer forensic investigators, Galyen was able to swiftly secure its systems. Additionally, as soon as Galyen detected the potential incident, Galyen worked with cyber security experts to adopt even more stringent security measures to help prevent similar incidents in the future.
Further, Galyen reported the incident to the Federal Bureau of Investigation and will provide whatever cooperation is necessary to help prevent fraudulent activity and facilitate prosecution of the perpetrators.
While Galyen is not aware of the misuse of any information involved in this incident, Galyen encourages potentially affected individuals to remain vigilant by closely reviewing account statements for discrepancies.
Under Massachusetts law, you have the right to obtain any police report filed in regard to this incident. If you are the victim of identity theft, you also have the right to file a police report and obtain a copy of it.
You have the right to place a security freeze on your credit report. A security freeze prohibits a consumer reporting agency from releasing any information from a consumer’s credit report without written authorization.
However, please be aware that placing a security freeze on your credit report may delay, interfere with, or prevent the timely approval of any requests you make for new loans, credit, mortgages, employment, housing, or other services.
Also Read: SD-WAN Solutions to the Rescue of IT Leaders
In order to request a security freeze, you will need to provide the following information:
- Your full name and any suffixes;
- Social Security number;
- Date of birth;
- If you have moved in the past five (5) years, provide the addresses where you have lived over the prior five (5) years;
- Proof of current address such as a current utility bill or telephone bill;
- A legible photocopy of a government issued identification card (e.g. state driver’s license or ID card, military identification, etc.); and
- If you are a victim of identity theft, include a copy of either the police report, investigative report, or complaint to a law enforcement agency concerning identity theft.
The consumer reporting agencies then have three (3) business days after receiving your request to place a security freeze on your credit report. The credit bureaus must also send written confirmation to you within five (5) business days and provide you with a unique personal identification number (“PIN”) or password, or both that can be used by you to authorize the removal or lifting of the security freeze.
To lift the security freeze in order to grant a specific entity or individual access to your credit report, you must call or send a written request to the consumer reporting agencies by mail and include proper identification (name, address, and Social Security number) and the PIN or password provided to you when you placed the security freeze as well as the identities of those entities or individuals you would like to receive your credit report or the specific period of time you want the credit report available.
The consumer reporting agencies have three (3) business days after receiving your request to lift the security freeze for those identified entities or individuals, or for the specified period of time.
To remove the security freeze, you must send a written request to each of the three (3) consumer reporting agencies by mail and include proper identification (name, address, and Social Security number) and the PIN or password provided to you when you placed the security freeze. The consumer reporting agencies have three (3) business days after receiving your request to remove the security freeze. You cannot be charged a fee by the consumer reporting agencies to place, lift, or remove a security freeze.
For more such updates follow us on Google News ITsecuritywire News.