« Information Technology
  

New Jersey Affiliated Dermatologists Suffers Cyberattack

The cybersecurity incident occurred in March.

By HFT Staff


On March 5, 2024, Affiliated Dermatologists (AD) detected it was the target of a cybersecurity attack whereby an unauthorized third party gained access and left a ransom note on AD’s network. Upon discovery of this incident, AD immediately disconnected access to the network, alerted its third-party IT provider and engaged specialized cybersecurity professionals to conduct a forensic investigation into the nature and scope of the incident.  

On April 10, 2024, AD’s investigation determined that between March 2, 2024, and March 5, 2024, the unauthorized actor obtained access to certain systems and copied data from AD’s network, including the personal information of AD patients and employees.  

While the information involved varies for each individual, AD’s investigation has determined that the unauthorized actor may have accessed the following categories of information: 

  • For patients: name, date of birth, mailing address, social security number, medical treatment information, and health insurance claims information. -  
  • For employees: name, date of birth, mailing address, social security number, driver’s license number, and passport number.  

Again, the information involved varies for each individual, and not every category applies in each individual case. AD will mail personalized notification letters to the affected individuals that detail the specific categories of information that apply in each individual’s case.  

At this time, AD is not aware of any misuse of any personal information in connection with this incident. 

Since the discovery of the incident, AD moved quickly to investigate, respond, and confirm the security of our systems. Specifically, AD immediately disconnected access to its network and engaged specialized cybersecurity professionals to assist network restoration efforts and conduct a forensic investigation into the nature and scope of the incident. In addition, AD has taken steps to further enhance its network security, including implementation of 24-7 network security monitoring, multi-factor authentication for all remote access and password resets for all accounts on the network. 



May 21, 2024


Topic Area: Information Technology , Security

Recent Posts

A 'Superbug' Is on the Rise in Hospitals

CDC data on C. auris in New York, Illinois, California, Florida and Nevada found more than 1,000 reported cases each in 2023.

The Next Generation of Security Tech in Healthcare Facilities

Manufacturers discuss how AI-powered CCTV and touchless weapon detection are redefining how hospitals protect patients and staff.

Encompass Health Rehabilitation Hospital of St. Petersburg Opens

This marks the opening of Encompass’ twenty-fifth location in Florida.

Why More Facilities are Adding Gender Neutral Restrooms

Gender neutral restrooms help avoid controversy in public facilities.

Massachusetts Hospital Cyberattack Reflects Growing Vulnerability in Healthcare Systems

As outages disrupt patient care and emergency services, facility leaders are reminded that cybersecurity is a shared responsibility.

 
 


FREE Newsletter Signup Form

News & Updates | Webcast Alerts
Building Technologies | & More!

 
 
 


All fields are required. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.