Newman Regional Health, based in Emporia, Kansas, recently confirmed a data breach resulting from a hacking/computer incident involving one or more organizational email accounts. While details about the Newman Regional Health breach are yet to come, it appears the breach exposed the sensitive information of up to 52,224 people.
If you have received a data breach notification, it is essential that you understand what is at risk and what you can do about it. To learn more about what you can do if your data has been stolen, see our previous blog post, “A Guide for Data Breach Victims”.
The link between data breaches and identity theft
Technological advances in recent decades have made it possible to store more information electronically. While this makes it easier for businesses and other organizations to manage consumer data, it also exposes that information to the risk of a data breach. In fact, according to recent estimates, up to 15 million people are victims of identity theft every year. Many cases of identity theft occur as a result of data breaches, such as the one recently announced by Newman Regional Health.
Identity theft occurs when a criminal actor uses another person’s information to steal their identity. There are several reasons why someone might try to impersonate another person. Most often, criminals engage in identity theft for their own financial gain, for example, by opening a bank account or credit card in a victim’s name. On average, victims of identity theft spend over $1,300 and around $200 to recover their identity. However, in some cases, the harms are much worse. For example, in cases of criminal identity theft, a criminal provides information about the victim to the police if arrested, which can lead to a warrant for the victim’s arrest and even a criminal record. In other cases, criminals use consumers’ protected health information against them by threatening to release the information unless the victim pays a “ransom.”
By investigating the Newman Regional Health, Console & Associates data breach, PC hopes to help victims understand the possible risks of identity theft and learn how they may be able to obtain compensation for anything they have lived and may have to cross in the future.
About Newman Regional Health
Newman Regional Health is a not-for-profit health system located in Emporia, Kansas. Newman Regional Health consists of a 25-bed Critical Access Hospital, 10-bed Acute Medical Rehabilitation Unit, 19-bed Emergency Room, 10-bed Clinical Decision Unit and a 4-room express care clinic. Newman Regional Health was founded in 1922 and employs over 900 people.
Data breaches become a national crisis
The concept of data breach is not new; However, with changes in the way cybercriminals conduct their attacks, the risks to consumers are greater than ever. For example, between the years 2020 and 2021, the number of data breaches increased by 68%. However, the total number of data breach victims over that same period actually decreased by about 5%. Unfortunately, this is not necessarily good news. According to the Identity Theft Resource Center, the reduction in the number of victims is due to cybercriminals focusing their efforts on stealing specific types of data, such as bank account information, social security numbers and protected health information. Not surprisingly, data breaches involving this information pose a much greater risk to consumers. Yet there are more than 188 million victims of data breaches per year.
Data breaches occur in several ways. For example, malware installation, ransomware attacks, and phishing scams are common. In each of these cases, a hacker targets an organization, usually aware or suspected of vulnerabilities in the company’s data security system. Once the hacker gains access to an organization’s computer network, they can access and steal any consumer data located on the affected network.
Organizations such as businesses, nonprofits, educational institutions, and healthcare providers all have a critical role to play in preventing data breaches. When an organization stores consumer data, it assumes a duty to protect that information. In fact, an organization’s data security system is the first line of defense against a cyberattack. Thus, it is imperative that organizations understand their data security responsibilities and take them seriously. Unfortunately, many organizations have been slow to adopt the latest data security measures, despite millions of dollars in profits each year. Data breach class action lawsuits hold organizations accountable for their lax data security measures, allowing consumers to send the message that their privacy matters.
What to do after a data breach
Any business or organization that experiences a data breach must notify the affected individuals. These data breach notices provide crucial information and should not be ignored. If you have received a data breach letter from Newman Regional Health, it is important that you take the following steps to protect yourself.
Carefully review the letter to confirm what information has been compromised: After receiving a data breach notification, the first thing to do is read the letter carefully to determine what information was involved. While this list provides some basic advice on what to do after a data breach, there are additional steps to take depending on the type of information that has been leaked. Also retain a copy of the data breach letter for your records.
Stop all future access to your accounts: Regardless of the nature of the data breach or what data about you has been compromised, it is important that you change all passwords and security questions for your online accounts, especially your online banking login details. line. For accounts that allow you to set up multi-factor authentication, it’s a good idea to do so, as it makes it much harder for an unauthorized party to gain access to your accounts.
Protect your credit: More than 70% of data breaches involve compromised social security numbers or bank account information. This is intentional, as cybercriminals can relatively easily use this information for their own financial gain. Thus, it is essential to take the necessary measures to prevent unauthorized access to your credit. After announcing a data breach, organizations usually offer free credit monitoring for a certain period. Importantly, you’re not giving up any rights by signing up for free credit monitoring, so there’s no reason not to.
Consider placing a credit freeze: A credit freeze is an alert on your credit file placed by one of the three major credit bureaus (TransUnion, Equifax and Experian). When the credit bureau puts a credit freeze on your account, it prevents anyone from accessing your credit unless you give them permission to do so. Credit freezes remain active until you remove them; however, you can temporarily lift a freeze, for example, if you need to apply for a loan. According to the Identity Theft Resource Center, freezing credit is the “most effective way to prevent a new credit/financial account from being opened.” However, the ITRC reports that only 3% of consumers whose information is leaked freeze their accounts.
Keep a close eye on your credit report and bank accounts: For data breach victims, the sad reality is that fixing the situation is an ongoing effort. You need to protect yourself against the ongoing threat of identity theft. After receiving a data breach notification, regularly check your bank accounts and credit card accounts for any signs of unknown transactions. You should also check your credit report regularly. By doing this, you will be able to know when a company is doing a credit check.
Contact a data breach lawyer as soon as possible: If your information has been exposed as a result of a data breach, it’s important that you don’t wait to speak to an attorney. Under US data breach laws, the company responsible for securing your information may be financially liable for your damages. These damages are intended to compensate you for the money and time spent recovering your identity. However, these cases are not just about money. Data breach class action lawsuits are also important tools that consumers can use to convince big companies to take data security more seriously. Over time, organizations will learn that they must either implement more comprehensive data security measures or face the threat of financial liability.