Strauss Borrelli PLLC, a leading data breach law firm, is investigating Richmond University Medical Center (“RUMC”) regarding its recent data breach. The RUMC data breach may have involved sensitive personal information and protected health information belonging to over 674,000 individuals.
ABOUT RICHMOND UNIVERSITY MEDICAL CENTER:
RUMC is a is a 440+ bed healthcare facility and teaching institution based in New York.4 Formally established in 2007, RUMC serves borough residents in the areas of acute, medical and surgical care, including emergency care, surgery, minimally invasive laparoscopic and robotic surgery, gastroenterology, cardiology, pediatrics, podiatry, endocrinology, urology, oncology, orthopedics, neonatal intensive care and maternal health.4 The hospital also offers behavioral health services, encompassing both inpatient and outpatient services for children, adolescents and adults, including emergent inpatient and mobile outreach units.4 Along with its main campus in Saten Island, New York, RUMC has over 25 additional locations in New York.
WHAT HAPPENED?
Recently, RUMC reported to the Attorney General of Maine that it had experienced a data breach in which sensitive personal identifiable information and protected health information in its systems may have been accessed and acquired. According to the breach notice, on May 6, 2024, RUMC discovered unauthorized access to its network as a result of a sophisticated cyberattack.1 As a result, RUMC launched an investigation to determine the nature of the incident.
Through its investigation, RUMC confirmed that sensitive personal information in its systems may have been viewed and obtained by an unauthorized third party during the breach to its network on or around May 6, 2024. As a result, RUMC began a review of the data to determine what information had been impacted as well as identify the specific individuals affected. While the information impacted varies depending on the individual, the type of information potentially exposed includes:
- Name
- Social Security number
- Date of birth
- Driver’s license or state identification number
- Other government identification numbers
- Financial account information
- Credit or debit card numbers
- Biometric information
- User credentials
- Medical treatment/diagnosis information
- Health insurance policy information
On December 19, 2024, RUMC began mailing data breach notification letters to impacted individuals. Based on the breach notices provided to the Maine residents, RUMC is providing affected individuals with a list of the information impacted and 12 months of complimentary identity monitoring services. A link to the form breach notification letter that RUMC filed with the Attorney General of Maine is below.
If you received a breach notification letter from Richmond University Medical Center:
We would like to speak with you about your rights and potential legal remedies in response to this data breach. Please fill out the form, below, or contact us at 872.263.1100 or sam@straussborrelli.com.
