Affinity Health Services Data Breach

What Happened?

On April 24, 2023, Affinity Health Services experienced a significant network security incident. This breach was identified and immediately addressed by engaging third-party forensic specialists to secure the environment and investigate the unauthorized activity. The investigation, which concluded on November 3, 2023, revealed that an unauthorized third party may have accessed sensitive personal information.

The types of information potentially accessed include first names, last names, addresses, Social Security numbers, and health information. Although there has been no reported misuse of the information since the incident was discovered, the possibility of data exposure cannot be overlooked.

What Information Was Involved?

The data potentially accessed during this breach includes highly sensitive personal and health information. Specifically, the unauthorized party may have accessed:

• First and last names
• Home addresses
• Social Security numbers
• Health information

This kind of information can be used for identity theft and other fraudulent activities, making it crucial for affected individuals to take protective actions.

What Affinity Health Services Is Doing

In response to the breach, Affinity Health Services has taken several steps to enhance security and assist those potentially affected. The company has fortified its network environment with the help of IT specialists to prevent future incidents.

To support individuals potentially impacted by this breach, Affinity Health Services is offering Single Bureau Credit Monitoring, Single Bureau Credit Report, and Single Bureau Credit Score services free of charge for 24 months. These services are designed to alert individuals to changes in their credit file, helping them to monitor any potential misuse of their information. Additionally, proactive fraud assistance through Cyberscout, a TransUnion company, is available to address concerns and assist with remediation if fraud occurs.

What You Can Do

If you believe you might be affected by this breach, it is recommended to take the following steps immediately:

1. Enroll in Credit Monitoring Services: The IdentityForce link in the consumer notification letter has expired.
2. Review Your Credit Reports: Obtain a free copy of your credit report from each of the three major credit reporting agencies by visiting AnnualCreditReport.com or calling 1-877-322-8228. This will help you to identify any discrepancies or unauthorized activities.
3. Place a Fraud Alert: Place a fraud alert on your credit reports to make it harder for identity thieves to open accounts in your name. This can be done by contacting one of the three major credit bureaus:
1. Equifax
2. TransUnion
3. Experian

1. Consider a Security Freeze: A security freeze will prevent creditors from accessing your credit report entirely, which helps prevent new accounts from being opened in your name.
2. Stay Vigilant: Regularly monitor your financial accounts and billing statements for any unusual activity.

For More Information

If you have further questions or need assistance, you can contact Cyberscout at 1-844-360-3558, available Monday through Friday from 8:00 am to 8:00 pm Eastern Time. Additionally, you can learn more about protecting yourself from identity theft and the steps you can take following a data breach by visiting the Federal Trade Commission's identity theft website.

By taking these steps, you can better protect yourself from potential consequences of this data breach and strengthen your personal information security.