Strauss Borrelli PLLC, a leading data breach law firm, is investigating Alabama Cardiovascular Group (“ACG”) regarding its recent data breach. The ACG data breach involved sensitive personal identifiable information and protected health information belonging to an undetermined number of individuals.
ABOUT ALABAMA CARDIOVASCULAR GROUP:
ACG is a healthcare group dedicated to the practice of up-to-date clinical, preventative, diagnostic and interventional cardiology based in Alabama.3 Founded in 2003, ACG specializes in ischemic, vascular and hypertensive heart disease as well as renal and peripheral vascular disease.4 Additionally, ACG has expertise in management of congestive heart failure, cardiomyopathy and dysrhythmias.4 Today, ACG physicians are board certified in cardiology and internal medicine, as well as sub-specialty boards such as interventional cardiology, cardiac electrophysiology, nuclear medicine and echocardiography.3 Headquartered in Birmingham, Alabama, ACG provides services at two hospital locations and five satellite offices and employs over 50 individuals.
WHAT HAPPENED?
Recently, ACG reported to the Attorney General of the Commonwealth of Massachusetts that it had experienced a data breach in which the sensitive personal identifiable information and protected health information in its systems may have been accessed and acquired. According to the breach notice, on July 2, 2024, ACG discovered that an unauthorized actor had gained access to its computer network. As a result, ACG launched an investigation to determine the nature of the incident.
Through its investigation, ACG learned that sensitive personal information may have been viewed and taken by an unauthorized third party between June 6, 2024, and July 2, 2024. As a result, ACG began a review of the data to determine what information had been impacted as well as identify the specific individuals affected. While the information impacted varies depending on the individual, the type of information potentially exposed includes:
- Name
- Social Security number
- Date of birth
- Address
- Contact information
- Driver’s license or passport number
- Financial information (e.g., bank account information, credit or debit card information)
- Medical information (e.g., dates of service, diagnosis, medications, images, lab results, treatment information)
- Health insurance and health insurance claims information
- Username and password
On August 2, 2024, ACG began mailing data breach notification letters to impacted individuals. Based on the breach notice posted on its website, ACG is providing affected individuals with a list of the specific type of sensitive information impacted and 24 months of complimentary credit monitoring services. A link to the form breach notification letter that ACG filed with the Attorney General of the Commonwealth of Massachusetts is below.
If you are a current or former employee or patient of, or have received a breach notification letter from, Alabama Cardiovascular Group:
We would like to speak with you about your rights and potential legal remedies in response to this data breach. Please fill out the form, below, or contact us at 872.263.1100 or sam@straussborrelli.com.
