Hope Health Systems Inc. Provide Notice of Data Security Event

GWYNN OAK, Md., Nov. 21, 2022 /PRNewswire/ -- Today, Hope Health Systems Inc. ("HHS"), a private company providing health and wellness services including direct mental health, substance abuse, and community support services to adults, children, and adolescent clients in institutional and outpatient settings, began providing notice of a data security event that potentially affects the data privacy of certain individuals who receive services from HHS.

On June 20, 2022, HHS discovered encrypted files on certain computer systems. They immediately launched an investigation with the assistance of third-party cybersecurity and digital forensic specialists to determine the nature and scope of the incident. The investigation determined that there was unauthorized access to certain HHS servers beginning on June 10, 2022. On or about August 24, 2022, HHS determined it was unable to rule out unauthorized access to data stored on its affected systems. The investigation found no evidence that specific information was actually viewed by an unauthorized individual, but the investigation was unable to rule this activity out with absolute certainty. As access to data stored within their system could not be ruled out, they immediately undertook a review of the data at issue. This process completed on or about October 18, 2022. While HHS does not have any evidence of misuse of any consumer information in connection with this incident, out of an abundance of caution, HHS is providing notice of the event so potentially affected individuals may take steps to better protect their personal information, should they feel it is appropriate to do so.

Information security remains one of the highest priorities for HHS. HHS is evaluating its existing policies, procedures, and processes, including those related to cybersecurity, to determine whether additional measures are appropriate in an effort to reduce the likelihood of a similar future event.

The information potentially at risk varies by individual. HHS continues efforts to understand the full impact of the event. While those efforts remain underway, the information potentially at risk may include the following types of information related to certain consumers: name, address, date of birth, Social Security number, driver's license number, health insurance information, and medical information. 

HHS is notifying potentially affected individuals via a posting on its website, which is available at hopehealthsystems.com. HHS will provide direct notice to potentially affected individuals for whom we have address information beginning on or about November 21, 2022. Should individuals have questions regarding this incident, they may call a dedicated assistance line at 1-833-896-4932, which is available Monday through Friday, 9 a.m. to 9 p.m. Eastern Time. Individuals may also write to HHS at 1726 Whitehead Road, Suite 106, Gwynn Oak, Maryland 21207.

We encourage individuals to remain vigilant against incidents of identity theft and fraud by reviewing account statements, explanation of benefits forms, and free credit reports for suspicious activity and to detect errors.

Under U.S. law, a consumer is entitled to one free credit report annually from each of the three major credit reporting bureaus, Equifax, Experian, and TransUnion. To order your free credit report, visit www.annualcreditreport.com or call, toll-free, 1-877-322-8228. You may also directly contact the three major credit reporting bureaus listed below to request a free copy of your credit report.

Consumers have the right to place an initial or extended "fraud alert" on a credit file at no cost. An initial fraud alert is a one-year alert that is placed on a consumer's credit file. Upon seeing a fraud alert display on a consumer's credit file, a business is required to take steps to verify the consumer's identity before extending new credit. If you are a victim of identity theft, you are entitled to an extended fraud alert, which is a fraud alert lasting seven years. Should you wish to place a fraud alert, please contact any one of the three major credit reporting bureaus listed below.

As an alternative to a fraud alert, consumers have the right to place a "credit freeze" on a credit report, which will prohibit a credit bureau from releasing information in the credit report without the consumer's express authorization. The credit freeze is designed to prevent credit, loans, and services from being approved in your name without your consent. However, you should be aware that using a credit freeze to take control over who gets access to the personal and financial information in your credit report may delay, interfere with, or prohibit the timely approval of any subsequent request or application you make regarding a new loan, credit, mortgage, or any other account involving the extension of credit. Pursuant to federal law, you cannot be charged to place or lift a credit freeze on your credit report. To request a credit freeze, you will need to provide the following information:

  1. Full name (including middle initial, as well as Jr., Sr., II, III, etc.);
  2. Social Security number;
  3. Date of birth;
  4. Addresses for the prior two to five years;
  5. Proof of current address, such as a current utility bill or telephone bill;
  6. A legible photocopy of a government-issued identification card (state driver's license or ID card, etc.); and
  7. A copy of either the police report, investigative report, or complaint to a law enforcement agency concerning identity theft if you are a victim of identity theft.

Should you wish to place a credit freeze, please contact the three major credit reporting bureaus listed below:

Equifax

Experian

TransUnion

https://www.equifax.com/personal/credit-report-services/

https://www.experian.com/help/

https://www.transunion.com/credit-help

1-888-298-0045

1-888-397-3742

1-833-395-6938

Equifax Fraud Alert, P.O. Box 105069 Atlanta, GA 30348-5069

Experian Fraud Alert, P.O. Box 9554, Allen, TX 75013

TransUnion Fraud Alert, P.O. Box 2000, Chester, PA 19016

Equifax Credit Freeze, P.O. Box 105788 Atlanta, GA 30348-5788

Experian Credit Freeze, P.O. Box 9554, Allen, TX 75013

TransUnion Credit Freeze, P.O. Box 160, Woodlyn, PA 19094

The Federal Trade Commission may be reached at: 600 Pennsylvania Avenue NW, Washington, D.C. 20580; www.identitytheft.gov; 1-877-ID-THEFT (1-877-438-4338); and TTY: 1-866-653-4261. The Federal Trade Commission also encourages those who discover that their information has been misused to file a complaint with them. Individuals can obtain further information on how to file such a complaint by way of the contact information listed above. Individuals have the right to file a police report if they experience identity theft or fraud. Please note that in order to file a report with law enforcement for identity theft, you will likely need to provide some proof that you have been a victim. Instances of known or suspected identity theft should also be reported to law enforcement and your state Attorney General.

For Maryland residents, the Maryland Attorney General may be contacted at: 200 St. Paul Place, 16th Floor, Baltimore, MD 21202; 1-410-528-8662 or 1-888-743-0023; and www.oag.state.md.us. Individuals may obtain information from these sources and/or the Federal Trade Commission using the contact information noted above about steps you can take to avoid identity theft. Individuals may also write to HHS at 1726 Whitehead Road, Suite 106, Gwynn Oak, Maryland 21207.

View original content:https://www.prnewswire.com/news-releases/hope-health-systems-inc-provide-notice-of-data-security-event-301684399.html

SOURCE Hope Health Systems Inc.

Posted In: Press Releases