TOMS RIVER, N.J., Oct. 27, 2020 /PRNewswire/ — Community Surgical Supply of Toms River (“CSS”) is mailing letters to customers whose information may have been involved in a recent incident involving unauthorized access to an employee’s email account.
On July 17, 2020, CSS identified suspicious activity relating to one of its employee’s email accounts. CSS immediately secured the account and a computer forensic firm was engaged to assist with its continued investigation. On August 6, 2020, the investigation determined that the employee’s email account was subject to unauthorized access at some point prior to July 17, 2020, and that emails received by the email account between May 10, 2020 and July 17, 2020 were forwarded to an unauthorized email address. The investigation was unable to determine whether the unauthorized person actually viewed any emails or attachments in the employee’s email account. Out of an abundance of caution, CSS reviewed all of the emails and attachments contained in the email account to identify customer information that may have been accessible to the unauthorized person. Through this review, which completed on September 12, 2020, CSS identified emails and/or attachments containing customer information, including names, dates of birth, medical record or patient account numbers, and/or limited treatment or clinical information, such as diagnoses, medication information, and/or provider information. In some instances, customers’ Social Security numbers and/or health insurance information were also identified in the account.
This incident did not affect all CSS customers, but only those whose information was contained in the affected email account.
CSS is mailing letters to customers whose information was identified in the account and for whom CSS has sufficient contact information. CSS has established a dedicated, toll-free number to answer questions that individuals may have about the incident. Customers with questions can call 1-888-222-1962, Monday through Friday, from 8:00 a.m. to 5:00 p.m. Eastern Time. CSS has no evidence that customer information has been misused as a result of this incident. However, for customers whose Social Security numbers were found in the email account, CSS will offer complimentary credit monitoring and identity protection services. CSS also recommends that affected customers review statements they receive from their healthcare provider or health insurer. If customers see charges for services they did not receive or transactions they do not recognize, they should contact the provider or insurer immediately.
CSS is committed to protecting the confidentiality and security of its customers’ information and regrets any concern or inconvenience this incident may cause. To help prevent something like this from happening in the future, CSS has reinforced education with its staff regarding how to identify and avoid suspicious emails and is making additional security enhancements to its email environment.
SOURCE Community Surgical Supply of Toms River