Strauss Borrelli PLLC, a leading data breach law firm, is investigating Onsite Mammography, LLC, which does business as Onsite Women’s Health, regarding its recent data breach. The Onsite Women’s Health data breach involved sensitive personal information and protected health information belonging to over 357,000 individuals.
ABOUT ONSITE MAMMOGRAPHY, LLC D/B/A ONSITE WOMEN'S HEALTH:
Onsite Women’s Health is a medical imaging service provider based in Massachusetts. Founded in 2008, Onsite Women’s Health partners with healthcare providers to offer in-office breast health and imaging services.2 Today, these services include personalized risk assessments, comprehensive 3D mammography services, and automated Whole-Breast Ultrasound (ABUS).3 Headquartered in Westfield, Massachusetts, Onsite Women’s Health has over 150 locations across the United States and employs over 200 individuals.
WHAT HAPPENED?
Recently, Onsite Women’s Health reported to the Attorney General of Maine that sensitive personal identifiable information and protected health information in its care may have been compromised. According to the breach notice, in October 2024, Onsite Women’s Health discovered unusual activity associated with one employee’s email account.1 As a result, Onsite Women’s Health launched an investigation to determine the nature of the incident.
Through its investigation, Onsite Women’s Health confirmed that the unauthorized actor may have accessed certain information in its systems on October 2, 2024.1 As a result, Onsite Women’s Health began a review of the data to determine what information had been impacted as well as identify the specific individuals affected. The exact type of personal information potentially exposed has not been made publicly available by Onsite Women’s Health. However, according to state reporting guidelines, “personal information” can include the following types of information:
- Name
- Social Security number
- Driver’s license number or state identification card number
- Account number, credit card number or debit card number, if circumstances exist wherein such a number could be used without additional identifying information, access codes or passwords
Additionally, according to the breach notice, the information potentially acquired includes Protected Health Information which, as defined by the Health Insurance Portability and Accountability Act (HIPAA), includes:
- An individual’s past, present or future physical or mental health or condition,
- the provision of health care to the individual, or
- the past, present, or future payment for the provision of health care to the individual
As a result of the data breach, Onsite Women’s Health began mailing data breach notification letters to impacted individuals. Based on the breach notice sent to Maine residents, Onsite Women’s Health is providing affected individuals with a list of the specific types of sensitive information impacted and 12 months of complimentary credit monitoring services. A link to the form breach notification letters that Onsite Women’s Health filed with the Attorney General of Maine is below.
If you received a breach notification letter from Onsite Mammography, LLC d/b/a Onsite Women's Health:
We would like to speak with you about your rights and potential legal remedies in response to this data breach. Please fill out the form, below, or contact us at 872.263.1100 or sam@straussborrelli.com.
