SALT LAKE CITY – (BUSINESS WIRE) – January 7, 2022–
Medical Review Institute of America (“MRIOA”), an organization providing clinical peer reviews on behalf of some of its health plans, health care providers and other clients, is notifying certain individuals whose information has been affected by a recent data security incident.
On November 9, 2021, MRioA discovered that it was the victim of a sophisticated cyber attack. Once MRIoA found out, MRIoA quickly took steps to secure and securely restore its systems and operations. In addition, MRIOA immediately engaged third-party forensic and incident response experts to thoroughly investigate the nature and extent of the incident and assist with remediation efforts. The MRioA also contacted the FBI to inform them of the incident and seek advice. On November 12, 2021, MRioA discovered that the incident involved the unauthorized acquisition of information.
On November 16, 2021, MRioA recovered and subsequently confirmed the deletion of the information obtained to the best of its ability and knowledge. MRIoA’s investigation into the cause of the incident is ongoing. However, once MRIoA gathered the information, MRIoA began to determine who was affected by the incident. Additionally, MRioA discovered that protected health information was included in the incident based on a full review.
The types of protected health information potentially involved (only if such information has been provided to MRIoA) include contact and demographic information (i.e. first and last name, gender, home address , phone number, email address, date of birth), social security number. ; clinical information (i.e. medical history / diagnosis / treatment, dates of service, lab test results, prescription information, provider name, medical account number or anything similar in your record and / or medical file) ; and financial information (ie health insurance policy and group plan number, group plan provider, claims information).
However, to the best of its knowledge and as of the date of this press release, MRIoA has no evidence indicating the occurrence of identity theft resulting from this incident.
“The security and privacy of the information in our systems is a top priority for us, and we were shocked and dismayed to learn that we were one of the thousands of victims of this type of cyberattack,” said Ron Sullivan , CEO of MRIoA. . “We are fully committed to protecting the information on our systems and sincerely regret the inconvenience and concerns caused by this incident. We thank the community, our employees and our partners for their support during this event. “
In response to this incident, MRIoA has implemented and / or continues to implement additional cybersecurity measures for MRIoA’s existing infrastructure to better minimize the likelihood of this type of event to recur, including:
- Constant monitoring of our systems with advanced search and threat detection software;
- Added additional multi-factor authentication protections when attempting to access systems;
- New servers built from the ground up to ensure all threat remnants have been removed;
- Work with external third-party cybersecurity experts to assist us in our security efforts;
- Deploy a new strengthened backup environment;
- Improve the training of our employees in cybersecurity; and
- Review, revise and modify our existing cybersecurity policies as necessary.
MRIOA recommends that individuals remain vigilant by carefully reviewing their account statements and credit reports as a precaution. If individuals detect suspicious activity on an account, MRioA strongly advises them to promptly notify the financial institution or company that manages the account. Additionally, individuals should promptly report any fraudulent activity or suspected incidence of identity theft to law enforcement authorities, including their state attorney general and the Federal Trade Commission (FTC). To file a complaint or to contact the FTC, you may (1) send a letter to Federal Trade Commission, Consumer Response Center, 600 Pennsylvania Avenue NW, Washington, DC 20580; (2) go to IdentityTheft.gov/databreach; or (3) dial 1-877-ID-THEFT (877-438-4338). Complaints made to the FTC will be added to the FTC’s Identity Theft Data Clearinghouse, a database made available to law enforcement agencies.
In addition, MRioA offers free credit monitoring and identity protection services to those affected or involved in the incident. Those interested in signing up for free credit monitoring should do so within 90 days of receiving their notification letter from MRioA. If you believe you have been affected by this incident and would like to take advantage of these services, please contact the dedicated toll-free helpline (as shown below), and for more information on tips to protect yourself against theft identity, please visit https://www.mrioa.com/.
To assist with questions regarding this incident, representatives are available for 90 days from the date of this letter, please call the toll-free helpline 1-855-618-3157 between the hours of 8:00 a.m. to 5:30 p.m. Central schedule, Monday to Friday (excluding public holidays).
View source version on businesswire.com:https://www.businesswire.com/news/home/20220107005027/en/
CONTACT: Ron Sullivan, Chief Executive Officer
Medical Examining Institute of America
Email: [email protected]
KEYWORD: UTAH UNITED STATES NORTH AMERICA
INDUSTRY KEYWORD: MANAGED CARE SOFTWARE OTHER HEALTH SERVICES PROFESSIONAL GENERAL HEALTH SERVICES DATA MANAGEMENT SECURITY TECHNOLOGY OTHER PROFESSIONAL SERVICES LEGAL PRACTICE MANAGEMENT OTHER HEALTH TECHNOLOGIES
SOURCE: Medical Journal Institute of America
Copyright Business Wire 2022.
PUB: 07/01/2022 17: 00 / DISC: 07/01/2022 17:02
Copyright Business Wire 2022.