by | Sep 11, 2022

 A recent data breach impacting the private health information(PHI) of 255,160 people has been reported to the Department of Health and Human Services (HHS) by the Detroit, Michigan-based law firm Warner Norcross and Judd (WNJ). In a statement posted on their website, WNJ claimed to have found suspicious illegal activity taking place within their networks. The law company swiftly put its cybersecurity policies into place and hired a business with expertise in cybersecurity to carry out a thorough forensic investigation to ascertain the reason for the attack and the extent of the event. Following the inquiry, it was concluded that that threat actors had accessed systems that had protected and personal health information about patients. the unauthorized third party obtained a variety of sensitive information, namely:

  •  Full names
  •  birth dates
  •  Social Security numbers
  •  driver’s license numbers, government-issued IDs
  •  annual salary amounts, benefit contribution information
  •  credit card or debit card numbers
  • credit card or debit card pins
  •  financial accounts or routing numbers
  • passport numbers
  •  patient account numbers
  •  health information
  • Life insurance policy data

When the investigation came to an end, WNJ identified the email addresses of potentially affected individuals and issued breach notifications. In the notifications, WNJ detailed how affected individuals can better protect their information to mitigate harm caused by the attack and encouraged affected individuals to remain vigilant against any suspicious activity indicating identity theft and fraud. The law firm recommended those affected by the breach to notify their financial institution immediately and to report any fraudulent activity to the appropriate law enforcement authorities. To aid in the detection of any suspicious activity, WNJ is offering 12 months of credit monitoring and identity theft services to affected individuals free of charge.

In addition to this, the law firm has also apologized for any difficulty brought on by the breach and has taken certain measures to ensure that a similar attack of this sort is not repeated in the future. On the WNJ website, the organization have stated: “WNJ has taken steps to help prevent a similar incident from occurring in the future. WNJ is also providing notice of this incident to potentially impacted individuals and providing them with information about steps they can take to help protect their information. WNJ has also established a toll-free call center to answer questions about the incident.”

3-Steps to HIPAA Compliance

Step 1 : Download Checklist.

Step 2 : Review Your Business

Step 3 : Get Compliant!

Our HIPAA compliance checklist will outline everything your organization needs to become fully HIPAA compliant. Fill in the form below to download it now.

View our privacy policy