Data Breach Alert: Cytometry Specialists, Inc. d/b/a CSI Laboratories | Console and Associates, PC

Recently, Cytometry Specialists, Inc. d/b/a CSI Laboratories (“CSI” “CSI Labs”) confirmed that the company had been the victim of a cyberattack resulting in the compromise of certain patient information.

If you have received a data breach notification, it is essential that you understand what is at risk.

Last year, 1,862 data breaches affected more than 189 million people. On average, victims of identity theft spend 200 hours and over $1,300 trying to find their identity. Many victims also suffer from emotional distress, credit damage, and may even end up with a criminal record. Taking immediate action is the best way to prevent the worst consequences of a data breach.

What we know so far about the cytometry specialist data breach

According to a notice posted on the company’s website, on February 12, 2022, Cytometry Labs discovered that it was the recent target of a cyberattack. In response, the company secured its systems and opened an investigation into the incident. On February 25, 2022, Cytometry Labs confirmed that an unauthorized party was able to obtain certain files from the company’s computer systems, including certain documents containing patient information.

After learning the extent of the security breach, cytometry specialists then reviewed the affected files to determine what information had been compromised. Although the information compromised varies by consumer, it may include your name, date of birth, address, medical record number, health insurance information, and case number, which is a unique identifier used to instead of your name to identify a test sample. .

Going forward, cytometry specialists can send data breach notification letters to anyone whose information has been compromised as a result of the recent data security incident.

Founded in 1998, Cytometry Specialists, Inc. is a national cancer screening laboratory based in Alpharetta, Georgia. The company, which does business as Cytometry Laboratories or CSI Labs, performs a wide range of cancer diagnostic tests, including genetics, histology and molecular diagnostics. In 2019, CSI opened a second lab in Jupiter, Florida. In 2021, Cytometry Specialists was acquired by Fulgent Genetics.

Learn more about the causes and risks of data breaches

Often, data breaches result from a hacker gaining unauthorized access to a company’s computer systems in an effort to obtain sensitive consumer information. Although no one can know why a hacker targeted CSI, it is common for hackers and other criminals to identify companies suspected of having weak data security systems or vulnerabilities in their networks.

Once a cybercriminal gains access to a computer network, they can then access and delete all data stored on compromised servers. While in most cases a business victim of a data breach can identify the accessed files, they may have no way of knowing which files the hacker actually accessed or deleted. Datas.

Although the fact that your information has been compromised in a data breach does not necessarily mean that it will be used for criminal purposes, being the victim of a data breach puts your sensitive data in the hands of someone unauthorized. Therefore, you are at increased risk of identity theft and other fraud, and criminal use of your information is a possibility that should not be ignored.

Given this reality, individuals who receive a data breach notification from cytometry specialists should take the situation seriously and remain vigilant by checking for any signs of unauthorized activity. Companies like CSI are responsible for protecting consumer data in their possession. If it appears that CSI has failed to adequately protect your sensitive information, you may be eligible for financial compensation through a data breach lawsuit.

What remedies do patients have following a CSI data breach?

When patients trusted CSI with their sensitive health information, they assumed the company would take their privacy concerns seriously. And it goes without saying that patients would think twice about giving a company access to their information if they knew it wouldn’t be secure. Thus, data breaches such as this raise questions about the adequacy of a company’s data security system.

When a business, government entity, nonprofit, school, or other organization accepts and stores patient data, it also accepts a legal obligation to ensure that this information is kept private. US data breach laws allow patients to pursue civil data breach claims against organizations that fail to protect their information.

Of course, given the recentness of the cytometry specialists’ data breach, the investigation into the incident is still in its early stages. And, at this time, there is still no evidence to suggest that CSI is legally responsible for the breach. However, that may change as more information about the breach and its causes comes to light.

If you have questions about your ability to bring a data breach class action lawsuit against cytometry specialists, contact a data breach attorney as soon as possible.

What should you do if you receive a data breach notification from a cytometry specialist?

If Cytometry Specialists sends you a data breach notification letter, you are among those whose information was compromised in the recent breach. Although this is not the time to panic, the situation deserves your attention. Below are some important steps you can take to protect yourself against identity theft and other fraudulent activity:

  1. Identify compromised information: The first thing to do after becoming aware of a data breach is to carefully review the data breach letter sent. The letter will tell you what information about you was accessible to the unauthorized party. Be sure to make a copy of the letter and keep it for your records. If you’re having trouble understanding the letter or what steps you can take to protect yourself, a data breach attorney can help.

  2. Limit future access to your accounts: Once you’ve determined what information about you was affected by the breach, the safest game is to assume that the hacker who orchestrated the attack stole your data. Although this is not the case, prevention is better than cure. To prevent future access to your accounts, you must change all passwords and security questions for any online account. This includes online banking accounts, credit card accounts, online shopping accounts, and any other accounts that contain your personal information. You should also consider changing your social media account passwords and setting up multi-factor authentication where available.

  3. Protect your credit and financial accounts: After a data breach, companies often provide affected parties with free credit monitoring services. Signing up for free credit monitoring offers important protections and does not affect any of your rights to bring a data breach lawsuit against the company if it is found to be legally responsible for the violation. You should contact a credit bureau to request a copy of your credit file, even if you notice no signs of fraud or unauthorized activity. Adding a fraud alert to your account will provide you with additional protection.

  4. Consider implementing a credit freeze: A credit freeze prevents anyone from accessing your credit report. Credit freezes are free and remain in effect until you remove them. Once a credit freeze is in place, you can temporarily lift it if you need to apply for any type of credit. While freezing credit on your accounts may seem like overkill, given the risks involved, it’s warranted. According to the Identity Theft Resource Center (“ITRC”), freezing credit on your account is “the most effective way to prevent a new credit/financial account from being opened.” However, only 3% of data breach victims freeze their accounts.

  5. Monitor your credit report and financial accounts regularly: Protecting yourself following a data breach requires continuous effort on your part. You should regularly check your credit report and all financial account statements for any signs of unauthorized activity or fraud. You should also call your banks and credit card companies to report that your information has been compromised in a data breach.

Below is a copy of the data breach notification posted on the Cytometry Specialists, Inc. website:

Dear [Consumer],

On February 12, 2022, Cytometry Specialists, Inc. d/b/a CSI Laboratories (“CSI”) became aware of a cyberattack that partially disrupted CSI’s information systems.

Upon learning of the incident, we immediately took steps to isolate and secure our systems and investigate the incident. As part of the investigation, on February 25, 2022, we determined that an unauthorized intruder had acquired certain files from our systems, including documents that may contain patient information. Since then, we have been analyzing affected files to understand what information may be at risk, identify affected individuals and obtain contact information, and strive to notify individuals and authorities as appropriate.

Some of the affected files contained very limited patient information, such as the case number, which is a unique identifier used instead of a patient’s name to identify a sample. Some affected files contained more information, including the patient’s name, date of birth, address, medical record number and health insurance information. None of the files contained social security numbers or financial account information. At this time, we have no facts to suggest that any of the information has been used further and in some cases it will be very difficult, if not impossible, for anyone to make further use of the information accessed.

We have engaged a well-known forensic investigation company to identify the extent of the incident and help us secure our systems and data. We have carefully brought our systems back online and continue to closely monitor our network and information systems for any unusual activity. We will continue to improve the security on our company networks and protect against unauthorized access or similar criminal activity in the future.

Please call 1-833-903-3648 with any questions you may have. Representatives are available Monday through Friday from 9:00 a.m. to 9:00 p.m. Eastern Time.

Comments are closed.