Affinity Legacy, Inc.
Your Personal Info Could Be
Exposed Online After
This Hospital Breach
Breach Description
Affinity Legacy, Inc., previously known as Affinity Health Plan, Inc., experienced a data breach that affected 5,538 former Medicare Advantage members. The breach occurred at a former third-party vendor that provided claims processing services to Affinity Health Plan before 2019. The unauthorized access and downloading of files took place between May 30 and June 2, 2023, on the vendor’s MOVEit Secure File Transfer server[1][4][10].
The compromised data varied per member but may include names, mailing addresses, dates of birth, social security numbers, Medicare numbers, and/or medical diagnosis codes[1][4]. It is important to note that Affinity’s own systems were not impacted by this incident[1][4].
Affected individuals were either former members of Affinity’s Medicare Advantage Plan prior to 2019 or, following 2019, members of an EmblemHealth Medicare Advantage Plan[1]. The breach is part of a larger attack that is believed to have impacted over tens of millions of individuals and more than 2,000 organizations across various industries worldwide[1].
Affinity Legacy has taken steps to address the breach by working with the third-party vendor to understand the extent of the incident and is mailing personalized notices to all affected members. These notices provide detailed information about the breach and the specific data compromised for each member. Additionally, Affinity Legacy is offering complimentary Personal Identity and Privacy Protection services through a national leader in data breach response[1][4].
For more information about the incident, individuals can visit Affinity Legacy’s website at www.affinitylegacy.org[1]. The breach has also been reported to the U.S. Department of Health and Human Services Office for Civil Rights, as required by law[18].
Affinity Legacy, Inc. is a not-for-profit organization based in the Bronx, New York, that focuses on supporting underserved individuals, families, and communities in New York City and surrounding counties through grants to community-based organizations[10].
Citations:
- https://www.businesswire.com/news/home/20231201545876/en/Affinity-Legacy-Inc.-Confirms-Data-Breach-Affected-Former-Medicare-Customers
- https://www.cbinsights.com/company/affinity-health-plan
- https://www.washingtonpost.com/politics/2024/02/09/what-if-this-novembers-likely-biden-trump-rematch-suddenly-isnt/
- https://westfaironline.com/technology/affinity-legacy-reports-data-breach-impacting-over-5500-medicare-advantage-members/
- https://www.databreachtoday.com/12-million-penalty-in-copier-breach-a-5991
- https://www.independent.co.uk/news/world/americas/us-politics/tucker-carlson-fox-news-x-twitter-putin-interview-b2492790.html
- https://www.turkestrauss.com/2023/12/06/affinity-legacy-data-breach-investigation/
- https://affinitylegacy.org/leadership/
- https://www.northwell.edu
- https://www.beyondmachines.net/event_details/affinity-legacy-inc-reports-moveit-related-data-breach-p-v-1-n-i
- https://www.globalatlantic.com
- https://affinitylegacy.org
- https://securityscorecard.com
- https://affinitylegacy.org/connect/
- https://www.costcoauto.com/enterzipcode.aspx
- https://affinitylegacy.org/history/
- https://www.eurooptic.com
- https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf?%3F%3F%3F%3F%3F%3F%3F%3F%3Futm_campaign=Oktopost-Employee+Spotlight%3A+Inside+Tanium&%3F%3F%3F%3F%3F%3F%3Futm_campaign=Oktopost-Employee+Spotlight%3A+Inside+Tanium
- https://www.happybank.com