« Information Technology
  

New Jersey Affiliated Dermatologists Suffers Cyberattack

The cybersecurity incident occurred in March.

By HFT Staff


On March 5, 2024, Affiliated Dermatologists (AD) detected it was the target of a cybersecurity attack whereby an unauthorized third party gained access and left a ransom note on AD’s network. Upon discovery of this incident, AD immediately disconnected access to the network, alerted its third-party IT provider and engaged specialized cybersecurity professionals to conduct a forensic investigation into the nature and scope of the incident.  

On April 10, 2024, AD’s investigation determined that between March 2, 2024, and March 5, 2024, the unauthorized actor obtained access to certain systems and copied data from AD’s network, including the personal information of AD patients and employees.  

While the information involved varies for each individual, AD’s investigation has determined that the unauthorized actor may have accessed the following categories of information: 

  • For patients: name, date of birth, mailing address, social security number, medical treatment information, and health insurance claims information. -  
  • For employees: name, date of birth, mailing address, social security number, driver’s license number, and passport number.  

Again, the information involved varies for each individual, and not every category applies in each individual case. AD will mail personalized notification letters to the affected individuals that detail the specific categories of information that apply in each individual’s case.  

At this time, AD is not aware of any misuse of any personal information in connection with this incident. 

Since the discovery of the incident, AD moved quickly to investigate, respond, and confirm the security of our systems. Specifically, AD immediately disconnected access to its network and engaged specialized cybersecurity professionals to assist network restoration efforts and conduct a forensic investigation into the nature and scope of the incident. In addition, AD has taken steps to further enhance its network security, including implementation of 24-7 network security monitoring, multi-factor authentication for all remote access and password resets for all accounts on the network. 



May 21, 2024


Topic Area: Information Technology , Security

Recent Posts

AI Usage for Healthcare Facilities

People in all industries are finding more use cases for artificial intelligence.

Ground Broken on Pelican Valley Senior Living Modernization Project

It is expected to reach completion in early-mid 2027.

All-Electric UCI Health – Irvine Hospital Set to Open

The 144-bed facility will be the nation’s first all-electric acute care hospital, serving the residents of coastal and south Orange County.

The Rising Strategic Value of Owner's Reps in Healthcare

The role of the owner’s representative has evolved beyond project advocate to strategic campus planning consultant.

Lawrence Group Designs Pair of Ignite Medical Resorts in Missouri

They combine cutting-edge physical rehabilitation with the indulgence of a 5-Star hotel.

 
 


FREE Newsletter Signup Form

News & Updates | Webcast Alerts
Building Technologies | & More!

 
 
 


All fields are required. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.