HMG Healthcare, LLC (HMG) mailed notification letters to certain residents and employees affected by a data security incident and issued a press release to report the incident publicly. This website notice is intended to provide the same information included in the notification letters to individuals for whom HMG has insufficient or out-of-date contact information.
In November 2023, HMG became aware of a data breach of personal health information related to residents and employees at HMG affiliated nursing facilities. HMG are notifying affected individuals and/or their responsible parties that during August 2023, a server containing theirs or a loved one’s information was accessed without authorization and the records were potentially compromised.
The incident involved hackers gaining access to HMG’s server and stealing unencrypted files. Files on the server likely contained medical records and personal information, including names, dates of birth, contact information, general health information, information regarding medical treatment, social security numbers and/or employment records.
HMG quickly identified this breach and took steps to investigate the incident fully, mitigate any potential harm to those affected and/or their loved ones, and protect against any further breaches. HMG worked diligently to ensure that the stolen files were not further shared by the hackers to other sources. HMG tried to identify the specific data compromised but have now determined that such identification is not feasible.
HMG have reviewed their policies and procedures regarding safeguards to ensure the security and integrity of electronic health information and have increased their data security protocols. While HMG believes that the breach has been mitigated, affected individuals can take steps to protect themselves or loved ones by monitoring account statements, explanations of benefits and credit bureau reports closely.