BrightStar Care Data Breach Compromises Medical Records

Chicago based Healthcare staffing agency, BrightStar Care, recently experienced a data breach according to a report filed with the Massachusetts Attorney General's office. The breach involved unauthorized access to an employee email account over a two-day period from May 15, 2024, to May 16, 2024.

During this time, an unauthorized individual may have accessed sensitive information contained within the email account. The breach potentially exposed medical records from their system.

The breach affected two individuals in the state of Massachusetts. While the company says there is no evidence of misuse of the information, BrightStar Care has taken steps to notify affected individuals and provide them with resources to protect their information.

BrightStar Care's Response

Upon discovering the suspicious activity, BrightStar Care acted quickly by performing a password reset for the compromised email account. The company also engaged third-party specialists to conduct a thorough investigation into the nature and scope of the breach. This investigation was completed by August 29, 2024.

To further secure their environment, BrightStar Care implemented additional technical safeguards. The company is offering affected individuals access to credit monitoring and identity protection services at no cost. These services include alerts for changes to the individual's TransUnion credit file and proactive fraud assistance through Cyberscout, a TransUnion company.

Steps to take if you are affected by the data breach

If you have been notified that you are affected by this data breach, it is important to remain vigilant.

Here are some steps you can take:

1. Enroll in Credit Monitoring Services: BrightStar Care is providing affected individuals with complimentary credit monitoring services. Make sure to enroll within 90 days from the date of the notification letter to take advantage of this offer.
2. Monitor Your Accounts: Regularly check your credit reports, account statements, and explanation of benefits forms for any suspicious activity. You are entitled to one free credit report annually from each of the three major credit reporting bureaus: TransUnion, Experian, and Equifax. Visit Annual Credit Report to access your reports.
3. Place a Fraud Alert or Credit Freeze: Consider placing a fraud alert or credit freeze on your credit file to prevent unauthorized access. A fraud alert is a one-year alert that requires businesses to verify your identity before extending new credit. A credit freeze prohibits credit bureaus from releasing your credit report without your authorization.
4. Report Suspicious Activity: If you notice any unusual activity on your accounts, contact your financial institution or company immediately. You can also file a complaint with the Federal Trade Commission (FTC) at Identity Theft.