On August 12, 2022, United Health Centers of the San Joaquin Valley reported a data breach with the California Attorney General’s office after the organization experienced what appears to be a ransomware attack. According to UHC, the breach resulted in the names, Social Security numbers and medical record numbers of certain patients being compromised. After confirming the breach and identifying all affected parties, United Health Centers of the San Joaquin Valley began sending out data breach letters to all affected parties.
If you received a data breach notification, it is essential you understand what is at risk and what you can do about it. To learn more about how to protect yourself from becoming a victim of fraud or identity theft and what your legal options are in the wake of the United Health Centers of the San Joaquin Valley data breach, please see our recent piece on the topic here.
What We Know About the United Health Centers of the San Joaquin Valley Data Breach
The information about the United Health Centers of the San Joaquin Valley data breach comes from two sources, the organization’s filing with the California Attorney General’s office as well as a notice posted on the UHC website. According to these sources, on August 28, 2021, UHC employees began experiencing difficulties accessing the organization’s computer network. In response, UHC secured its network, notified federal law enforcement officers, and began working with third-party cybersecurity specialists to investigate the incident.
On September 22, 2021, the UHC investigation revealed that patient data had been compromised during the incident, which the company referred to as an “encryption event.” Evidently, UHC determined that an unauthorized party had gained access to its systems on August 24, 2022, which lasted until the company discovered and shut down the unauthorized party’s access on August 28, 2022.
Upon discovering that sensitive consumer data was accessible to an unauthorized party, United Health Centers of the San Joaquin Valley began the process of reviewing all affected files to determine what information was compromised and which consumers were impacted by the incident. UHC completed this investigation on April 11, 2022. While the breached information varies depending on the individual, it may include your name, Social Security number and medical record number.
On August 12, 2022, United Health Centers of the San Joaquin Valley sent out data breach letters to all individuals whose information was compromised as a result of the recent data security incident.
More Information About United Health Centers of the San Joaquin Valley
United Health Centers of the San Joaquin Valley is a healthcare services provider based in Fresno, California. UHC San Joaquin maintains approximately 30 offices throughout the San Joaquin valley, including in Clovis, Corcoran, Earlimart, Fowler, Fresno, Hanford, Mendota, Orange Cove and Sanger. United Health Centers of the San Joaquin Valley provides residents with comprehensive health services, including internal medicine, family medicine, podiatry, immunizations, dermatology, women’s health, dentistry, optometry, behavioral health, chiropractic care and more.
Protecting Yourself from Identity Theft in the Wake of a Data Breach
Data breaches involve a hacker or other bad actor bypassing an organization’s data security system in an effort to steal consumer data. Thus, in most data breaches, the primary risk facing victims is that a hacker either uses their information to commit identity theft or sells their information to someone else who intends to do the same.
Once a hacker successfully steals consumer data, they will typically act quickly when using it to commit identity theft or other crimes. However, if an organization experiencing a breach quickly reports the incident, it may give consumers enough time to limit the chances that a hacker can steal their identity. Below are a few of the most important things victims of a data breach can do to reduce the risk of fraud.
Read the data breach letter to determine what information was leaked;
Report the breach to your financial institutions;
Close any bank accounts or credit cards if the account number was compromised;
Sign up for free credit monitoring offered by the company that leaked your information;
Place a fraud alert or a credit freeze on your credit account by contacting one of the three main credit bureaus; and
Keep a close eye on your bank and credit card accounts for any signs of fraudulent activity.
With a little luck, by following these steps, victims of a data breach can greatly reduce the risk of identity theft. Of course, there is nothing a victim can do to guarantee that they won’t fall victim to fraud following a data breach. Sometimes, companies don’t notify consumers until well after a breach because they are still conducting an investigation. Other times, hackers simply act too quickly in carrying out their frauds.
In these situations, it is essential for victims of a data breach to understand their rights. United States data breach laws allow for victims of a breach to pursue a legal claim against a company that negligently leaks their information. Those with questions about what to do after a data breach or what rights victims have against a company should reach out to a data breach lawyer.