« Information Technology
  

New Jersey Affiliated Dermatologists Suffers Cyberattack

The cybersecurity incident occurred in March.

By HFT Staff


On March 5, 2024, Affiliated Dermatologists (AD) detected it was the target of a cybersecurity attack whereby an unauthorized third party gained access and left a ransom note on AD’s network. Upon discovery of this incident, AD immediately disconnected access to the network, alerted its third-party IT provider and engaged specialized cybersecurity professionals to conduct a forensic investigation into the nature and scope of the incident.  

On April 10, 2024, AD’s investigation determined that between March 2, 2024, and March 5, 2024, the unauthorized actor obtained access to certain systems and copied data from AD’s network, including the personal information of AD patients and employees.  

While the information involved varies for each individual, AD’s investigation has determined that the unauthorized actor may have accessed the following categories of information: 

  • For patients: name, date of birth, mailing address, social security number, medical treatment information, and health insurance claims information. -  
  • For employees: name, date of birth, mailing address, social security number, driver’s license number, and passport number.  

Again, the information involved varies for each individual, and not every category applies in each individual case. AD will mail personalized notification letters to the affected individuals that detail the specific categories of information that apply in each individual’s case.  

At this time, AD is not aware of any misuse of any personal information in connection with this incident. 

Since the discovery of the incident, AD moved quickly to investigate, respond, and confirm the security of our systems. Specifically, AD immediately disconnected access to its network and engaged specialized cybersecurity professionals to assist network restoration efforts and conduct a forensic investigation into the nature and scope of the incident. In addition, AD has taken steps to further enhance its network security, including implementation of 24-7 network security monitoring, multi-factor authentication for all remote access and password resets for all accounts on the network. 



May 21, 2024


Topic Area: Information Technology , Security

Recent Posts

Alleged Ransomware Administrator Extradited from South Korea

The Phobos ransomware has been used globally to target over 1,000 organizations, including healthcare.

Design Plans Unveiled for New Intermountain St. Vincent Regional Hospital

The new hospital will be a 14-floor, 737,000 square-foot facility in Billings, Montana.

Ground Broken on New Pediatric Health Campus in Dallas

The new campus will replace the existing Children’s Medical Center Dallas.

Pre-Construction Strategies for Successful Facilities Projects

Savvy decisions can help facilities meet long-term goals by creating consistency and eliminating waste.

Geisinger Finds Success with Violence Prevention Efforts

Their safety measures included training staff in de-escalation, active-shooter response drills and equipping 6,000 employees with duress notification badges.

 
 


FREE Newsletter Signup Form

News & Updates | Webcast Alerts
Building Technologies | & More!

 
 
 


All fields are required. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

 
 
 
 

Healthcare Facilities Today membership includes free email newsletters from our facility-industry brands.

Facebook   Twitter   LinkedIn   Posts

Copyright © 2023 TradePress. All rights reserved.