Luque Chiropractic, Inc. Provides Notice of Data Security Incident

WATSONVILLE, Calif., Nov. 17, 2016 /PRNewswire/ -- Luque Chiropractic, Inc. on behalf of itself and Watsonville Chiropractic, Inc. (David W. Christie, D.C.) (collectively "Luque") today announced a data incident affecting the security of certain patient records.  On September 18, 2016, Luque was notified by its billing software company that its Amazon "S3" storage account was vulnerable because it was accessible to persons outside their organization, and that a security researcher accessed and downloaded information from the storage account. This storage account contained, among other things, protected health information of certain Luque Chiropractic, Inc. and Watsonville Chiropractic, Inc. (David W. Christie, D.C.) patients. The billing software company immediately took steps to secure the storage account and launched an investigation to determine to what extent sensitive information was accessed or acquired. They determined that the storage account was vulnerable from May, 2016 to September 11, 2016 and that information was accessed and downloaded by the security researcher on or around September 10, 2016. However, there are no indications that any fraud has resulted from this incident.

"We take any threat to the security of information entrusted to us very seriously," said Dr. Fernando Luque, D.C. of Luque Chiropractic, Inc. "Once the error was discovered, we worked with the billing software company to ensure that access to the storage account was restricted and that proper access credentials are in place." Dr. Luque added, "We apologize for any inconvenience or concern this incident may cause our patients."

Information Compromised

While Luque has no indications that any fraud has resulted from this incident, it has confirmed that the data affected by this incident possibly includes patient names, addresses, diagnoses, dates of birth, treatment locations, treatment dates, and Social Security numbers. Not all patients had the same types of information affected.

Notification

Luque has provided a telephone line for anyone seeking additional information regarding this incident, as well as steps to better protect against identity theft. This line can be reached at 844-418-6630, Monday – Friday, 9 a.m. – 6 p.m. PST, excluding major holidays. In addition, Luque will be mailing letters directly to clients potentially affected by this incident.

Identity Protection Services

While Luque is unaware of any actual or attempted misuse of client personal information, it is offering those individuals potentially affected by this incident the option to enroll in credit monitoring and identity restoration services with Equifax. Instructions on how to enroll are included in the letters mailed to affected individuals.

Fraud Prevention Tips

Luque encourages everyone affected by this incident to remain vigilant against identity theft. Steps include:

• Reviewing account statements, medical bills, and health insurance statements regularly for suspicious activity, to ensure that no one has submitted fraudulent medical claims using your name and address. Report all suspicious or fraudulent charges to your account and insurance providers. If you do not receive regular Explanation of Benefits statements, you can contact your health plan and request them to send such statements following the provision of services.
• Ordering and monitoring your credit reports for suspicious activity. Under U.S. law, everyone is entitled to one free credit report annually from each of the three major credit bureaus. To order a free credit report, visit http://www.annualcreditreport.com/or call, toll-free, 1-877-322-8228. Individuals may also contact the three major credit bureaus directly to request a free copy of their credit report:

• Placing a "fraud alert" on your credit file. A "fraud alert" will tell creditors to take additional steps to verify your identity prior to granting credit in your name; however, because it tells creditors to follow certain procedures to protect you, it may also delay your ability to obtain credit while the credit bureaus verify your identity. As soon as one credit bureau confirms your fraud alert, the others are notified to place fraud alerts on your files. You may use the contact information listed above to contact the major credit bureaus and place a "fraud alert" on your credit report.
• Placing a "security freeze" on your credit file, that prohibits a credit reporting agency from releasing any information from your credit report without your written authorization but may delay, interfere with, or prevent the timely approval of any requests for new credit. If you have been a victim of identity theft, and provide the credit reporting agency with a valid police report, the credit reporting agency cannot charge to place, lift or remove a security freeze. In all other cases, a credit agency may charge you a fee to place, temporarily lift, or permanently remove a security freeze. You must contact each of the credit reporting agencies separately to place a security freeze on your credit file:

• Educating yourself further on identity theft, fraud alerts, and the steps one can take to protect against identity theft and fraud by contacting the Federal Trade Commission or your state Attorney General. The Federal Trade Commission also encourages those who discover that their information has been misused to file a complaint with them. The Federal Trade Commission can be reached at: 600 Pennsylvania Avenue NW, Washington, DC 20580; www.ftc.gov/idtheft/,;1-877-ID-THEFT (1-877-438-4338); and TTY: 1-866-653-4261. Further information on how to file such a complaint can be gained by contacting any of the reporting credit agencies listed above.
• Reporting suspicious activity or incidents of identity theft and fraud to local law enforcement. 

To view the original version on PR Newswire, visit:http://www.prnewswire.com/news-releases/luque-chiropractic-inc-provides-notice-of-data-security-incident-300365443.html

SOURCE Luque Chiropractic, Inc.

[ Back To TMCnet.com's Homepage ]