Regional Cancer Care Associates LLC Data Breach (2019)

HACKENSACK, N.Y., July 23, 2019 /PRNewswire/ -- On May 24, 2019, RCCA MSO LLC ("RCCA MSO"), the management services entity for Regional Cancer Care Associates LLC ("RCCA") and RCCA MD LLC ("RCCA MD" and together with RCCA MSO and RCCA, the "RCCA Group") became aware of suspicious activity regarding an employee email account. RCCA MSO immediately began an investigation to confirm the security of its network and to determine the nature and scope of this event. With the assistance of third-party forensic investigators, on June 21, 2019, RCCA MSO learned that the RCCA Group was the victim of unauthorized access to several employee email accounts. The investigation confirmed that the employee mailboxes were subject to unauthorized access between April 17, 2019 and June 4, 2019. On July 16, 2019, the RCCA Group confirmed that certain personal information, including health information contained in the employee email accounts were potentially exposed. The RCCA Group is not aware of any evidence or indication of an attempted or actual access or misuse of any personal information as a result of this event. On July 23, 2019 the RCCA Group began mailing notice letters to patients of the RCCA Group whose information was contained within the impacted accounts. The majority of information contained in the impacted email accounts included health information such as name, treatment, diagnosis, physician, health insurance information, patient number, and prescription information. For a small subset of the affected individuals, the information contained in the email accounts also included address, Social Security numbers, driver's license numbers, and payment card information.