On June 11, 2024, siParadigm Diagnostic Informatics discovered a significant data breach involving unauthorized access to their computer network. This incident has affected 26,534 individuals across the United States, with three residents specifically impacted in Maine. The breach exposed sensitive consumer information, including names, social security numbers, dates of birth, addresses, medical information, and employment-related details.
On July 22, 2014, ransomware group, akira, claimed they had hacked siParadigm's systems. Their claim was published on the group's dark web website:
After a thorough investigation by third-party digital forensic experts, it was confirmed that the unauthorized access might have compromised files related to diagnostics and related services.
The breach was made public on September 19, 2024, and was reported to the Maine Attorney General's office and the California Attorney General's office.
In total, 26,534 individuals in the United States were affected by this breach, including three residents from Maine. The types of consumer information exposed in this incident include:
The breach was publicly disclosed on September 19, 2024, and reported to the Maine Attorney General's office. siParadigm has taken steps to notify affected individuals, with notifications being sent out on September 18, 2024, via written communication.
In response to the data breach, siParadigm has taken several measures to address the situation and prevent future incidents. The company immediately initiated its incident response plan and engaged additional third-party experts to assist with the investigation. These experts have worked to secure the environment, enhance network security, and conduct a digital forensic investigation to assess the extent of unauthorized activity.
siParadigm has also notified law enforcement of the incident and is offering complimentary credit monitoring and identity protection services for twelve months to those affected. These services are provided by Cyberscout, a TransUnion company, and include proactive fraud assistance and identity protection measures.
If you are affected by the siParadigm data breach, there are several steps you should take to protect your personal information: