BayMark Health Services, a healthcare management company, has disclosed a data breach impacting patient information.
The incident, which occurred between late September and mid-October 2024, involved unauthorized access to sensitive data stored on its IT systems.
The company has begun notifying affected individuals nationwide and offering identity theft protection services.
According to BayMark’s investigation, which was conducted with assistance from third-party cybersecurity experts, the breach was detected on October 11, 2024.
Files on the company’s systems were accessed by an unauthorized party between September 24 and October 14, 2024.
The breach resulted in disruption to some IT operations, prompting immediate measures to secure systems and notify law enforcement.
By November 5, 2024, BayMark determined that the compromised files contained patient information, including names, Social Security numbers, driver’s license numbers, dates of birth, treatment details, insurance information, and other sensitive data, depending on the individual.
BayMark has taken steps to enhance its cybersecurity, implementing new safeguards and monitoring protocols to prevent future incidents.
Additionally, the company is providing a one-year complimentary subscription to Equifax Complete™ Premier, an identity theft protection service.
This service includes credit monitoring, identity restoration support, and up to $1 million in identity theft insurance.
Affected individuals have been encouraged to activate their free membership using the instructions provided in the notification letters.
BayMark has assured patients that enrolling will not impact their credit scores.
BayMark urges affected patients to:
- Enroll in Credit Monitoring: Use the activation code provided in the notification letter to sign up for the free Equifax credit monitoring service.
- Stay Vigilant: Regularly review financial statements and credit reports for unauthorized activity.
- Consider a Credit Freeze: If concerned about further misuse, individuals can place a free credit freeze with major credit reporting agencies.
Further guidance on protecting personal information and monitoring for fraud has been provided in the company’s letter, including contact information for the three main credit bureaus (Equifax, Experian, and TransUnion) and federal agencies such as the Federal Trade Commission.
In its statement, BayMark apologized for the breach and emphasized its commitment to protecting patient data.
The healthcare provider has set up a dedicated helpline (855-295-0995) to address patient concerns.
The helpline is available Monday through Friday, 8:00 a.m. to 8:00 p.m. Central Time, excluding holidays.
This incident highlights the ongoing security challenges faced by healthcare organizations, which are frequent targets for cyberattacks due to the sensitive nature of the information they manage.
Experts recommend that healthcare providers continue to invest in robust cybersecurity measures and data protection protocols.
Affected individuals are advised to remain proactive in safeguarding their personal information and utilize the resources BayMark is offering to mitigate potential risks.
