Data Breach reported by University Urology, over 56,000 impacted.

University Urology located in New York City is informing 56,816 individuals that unauthorized individuals managed to gain access to certain systems, potentially compromising their personal and health information. On February 1, 2023, suspicious activity was detected within their computer systems, leading them to engage third-party cybersecurity experts to conduct a thorough forensic analysis of the incident in order to ascertain the nature and extent of the attack. The investigation concluded on March 3, 2023, confirming that files within their network had been accessed. A manual review of these files was conducted and finalized on March 30, 2023. The exposed information may vary from person to person and could include details such as first and last names, dates of birth, addresses, medical conditions, medical treatments, test results, prescription information, health insurance information, subscriber ID numbers, health plan beneficiary numbers, billing/invoice information, as well as usernames/email addresses with associated passwords/security questions and answers that could potentially grant access to user accounts. University Urology has reported the deployment of Sentinel One agents for a duration of 30 days, enabling the cybersecurity firm to monitor their environment for any malicious activity and indicators of compromise. It has been confirmed that all methods of persistence, unauthorized remote access tools, and malicious files have been removed from their systems, and additional security measures have been implemented. Although no instances of actual or attempted misuse of the exposed data have been reported, affected individuals have been offered complimentary credit monitoring and identity theft protection services for a period of 12 or 24 months.