Albany Gastroenterology Associates reports data breach

Albany Gastroenterology Consultants (Albany Gastro), a gastroenterology practice in Albany, New York, is reporting a data security breach that was discovered on November 19, 2024.

Unusual activity was detected within their system which caused disruptions to normal access. The practice initiated security protocols and engaged a forensics and incident response firm to conduct an investigation.

The investigation confirmed that an unauthorized actor had gained access to their systems on or around November 10, 2024, and successfully acquired sensitive data. The investigation completed on January 21, 2025. The compromised information includes individuals' names and Social Security numbers,

The nature of the attack and the total number of affected individuals has not been disclosed.

The organization has secured its network environment and reported the incident to the FBI, committing to cooperate with any resulting investigation.

Albany Gastro is offering affected individuals complimentary credit monitoring and identity theft protection services through IDX, a data breach and recovery services expert. These services include either 12 or 24 months of credit and CyberScan monitoring, a $1,000,000 insurance reimbursement policy, and fully managed identity theft recovery services. Affected individuals have until April 28, 2025, to enroll in these protective services.

Update - As of 25th of September 2025, although Albany Gastroenterology Consultants first reported the breach in January 2025 continued investigation revealed additional compromised data, leading to a second review process that concluded on September 17, 2025. The practice began mailing additional notification letters to newly identified affected individuals on September 23, 2025, indicating that the scope of the breach was more extensive than initially determined. The breach compromised the personal information of 57,751 individuals.