siParadigm Diagnostic Informatics Data Breach Affects 26,534 Individuals

On June 11, 2024, siParadigm Diagnostic Informatics discovered a significant data breach involving unauthorized access to their computer network. This incident has affected 26,534 individuals across the United States, with three residents specifically impacted in Maine. The breach exposed sensitive consumer information, including names, social security numbers, dates of birth, addresses, medical information, and employment-related details.

On July 22, 2014, ransomware group, akira, claimed they had hacked siParadigm's systems. Their claim was published on the group's dark web website:

After a thorough investigation by third-party digital forensic experts, it was confirmed that the unauthorized access might have compromised files related to diagnostics and related services.

The breach was made public on September 19, 2024, and was reported to the Maine Attorney General's office and the California Attorney General's office.

In total, 26,534 individuals in the United States were affected by this breach, including three residents from Maine. The types of consumer information exposed in this incident include:

• Name
• Social Security number
• Date of birth
• Address
• Medical information
• Employment-related information

The breach was publicly disclosed on September 19, 2024, and reported to the Maine Attorney General's office. siParadigm has taken steps to notify affected individuals, with notifications being sent out on September 18, 2024, via written communication.

siParadigm's Response

In response to the data breach, siParadigm has taken several measures to address the situation and prevent future incidents. The company immediately initiated its incident response plan and engaged additional third-party experts to assist with the investigation. These experts have worked to secure the environment, enhance network security, and conduct a digital forensic investigation to assess the extent of unauthorized activity.

siParadigm has also notified law enforcement of the incident and is offering complimentary credit monitoring and identity protection services for twelve months to those affected. These services are provided by Cyberscout, a TransUnion company, and include proactive fraud assistance and identity protection measures.

Steps for Affected Individuals

If you are affected by the siParadigm data breach, there are several steps you should take to protect your personal information:

1. Enroll in Credit Monitoring Services: siParadigm is offering complimentary credit monitoring services for twelve months. It is crucial to enroll in these services within ninety days of receiving the notification letter to benefit from the protection offered.
2. Monitor Financial Accounts: Regularly review your financial account statements and credit reports for any suspicious activity. Promptly report any unauthorized transactions to your financial institution.
3. Place Fraud Alerts: Consider placing fraud alerts on your credit reports with major credit bureaus like Experian, Equifax, and TransUnion. This can help prevent new accounts from being opened in your name without your permission.
4. Implement a Security Freeze: You may also choose to place a security freeze on your credit report, which can prevent lenders from accessing your credit report without your consent.
5. Stay Vigilant: Remain vigilant for signs of identity theft and report any suspicious activity to the appropriate authorities.