The breach was initially discovered July 2, when ACG became aware that unauthorized parties had accessed the center’s computer network. The following investigation revealed that between the unauthorized parties maintained access to the data for nearly a month between June 6 and July 2.
Compromised information included addresses, contact information, Social Security numbers, health insurance information, usernames, passwords, medical data, driver’s license numbers, passport numbers, and bank account and other financial information from current and past patients, physicians, staff and guarantors at ACG.
ACG engaged law enforcement and temporarily disconnected the ACG network from the Internet to reset user passwords. They are offering 24 months of identity theft protection services to anyone impacted by the breach.
