Strauss Borrelli PLLC, a leading data breach law firm, is investigating miCare Health Center (“miCare”), regarding its recent data breach. The miCare data breach may have involved sensitive personal identifiable information and protected health information belonging to an undetermined number of individuals.
ABOUT MICARE HEALTH CENTER:
miCare is a is a primary-care clinic that provides patient-centric, employer-sponsored healthcare based in Montana.3 Founded in 2006, miCare clinics provide wellness, prevention, chronic condition management and same day/acute care services free to members.4 Today, miCare manages nine clinics in five states, providing medical services to over 10,000 plan members and employers that include municipalities, school districts, and private corporations.5 Headquartered in Billings, Montana, miCare employs over 50 individuals.
WHAT HAPPENED?
Recently, miCare announced that it had experienced a data breach in which the sensitive personal identifiable information and protected health information in its systems may have been accessed. According to the breach notice, on or around May 22, 2024, miCare became aware of unauthorized access to certain employee’s email accounts. As a result, miCare launched an investigation to determine the nature of the incident.
miCare later determined that sensitive personal information in its systems may have been compromised by an unauthorized individual using employee email accounts between April 19, 2024, and May 25, 2024. As a result, miCare began a review of the data to determine what information had been impacted as well as identify the specific individuals affected. While the information impacted varies depending on the individual, the type of information potentially exposed includes:
- Name
- Social Security number
- Date of birth
- Medical information
- Health insurance information
As a result of the data breach, miCare posted notice of the incident on its website. Additionally, on October 11, 2024, miCare mailed data breach notification letters to impacted individuals. Based on the breach notice posted to its website, miCare is providing affected individuals with a list of the specific types of sensitive information impacted and 12 months of complimentary identity monitoring services. A link to the form breach notification that miCare posted to its website is below.
If you received a breach notification letter from miCare Health Center:
We would like to speak with you about your rights and potential legal remedies in response to this data breach. Please fill out the form, below, or contact us at 872.263.1100 or sam@straussborrelli.com.
