ASAS Health, LLC

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

ASAS Health, LLC, a healthcare services provider based in Edinburg, Texas, experienced a significant data breach that was first detected on March 9, 2023, when the company noticed suspicious activity within its computer system. An investigation revealed that an unauthorized party had gained access to the company’s network as early as January 26, 2023[3]. The breach compromised the personal and protected health information of over 25,000 individuals[1][3].

The types of information that were potentially accessed include names, dates of birth, Social Security numbers, addresses, driver’s license numbers, protected health information, and financial account information[1]. ASAS Health began notifying affected individuals on May 8, 2023, and offered identity theft protection services through Experian IdentityWorks for a duration of 12 months[1][15].

ASAS Health, LLC is a multi-specialty healthcare practice that offers services such as pediatrics, endocrinology care, and treatment of kidney disease. The practice includes about seven physicians, a chiropractor, and three nurse practitioners, employs more than 27 people, and generates approximately $6 million in annual revenue[1][3].

The breach at ASAS Health, LLC is part of a larger trend of cyberattacks targeting healthcare providers, as these organizations maintain vast amounts of sensitive patient data[1]. Individuals affected by the breach were advised to review their account statements for signs of fraud or unauthorized activity and to monitor their credit reports for signs of identity theft[3].

Citations:

  1. https://www.jdsupra.com/legalnews/asas-health-llc-notifies-more-than-25k-1998723/
  2. https://americanstaffing.net
  3. https://www.turkestrauss.com/2023/05/11/asas-health-data-breach-investigation/
  4. https://www.sas.com
  5. https://www.myinjuryattorney.com/asas-health-llc-data-breach/
  6. https://www.sabic.com/en
  7. https://healthitsecurity.com/news/new-mexico-department-of-health-data-breach-exposes-decedent-health-information
  8. https://www.asam.org
  9. https://apps.web.maine.gov/online/aeviewer/ME/40/cccbf408-3655-4da4-85b5-fbdbd0246616/2e4caebd-51c6-42ab-b891-137ec3133465/document.html
  10. https://www.aramco.com
  11. https://www.hipaajournal.com/may-2023-healthcare-data-breach-report/
  12. https://www.gulfood.com
  13. https://www.linkedin.com/pulse/behind-hospital-curtain-why-phi-hot-topic-yisie
  14. https://www.obama.org
  15. https://proteuscyber.com/privacy-database/news/7312-office-of-the-maine-ag-consumer-protection-privacy-identity-theft-and-data-security-breaches
  16. https://www.edx.org/learn/r-programming/harvard-university-data-science-r-basics
Breach Submission Date May 06, 2023
Converted Entity Name ASAS Health, LLC
Converted Entity Type Healthcare Provider
State TX
Individuals Affected 25,527
Breach Type Hacking/IT Incident

Breach Information Location Desktop Computer, Laptop, Network Server

Business Associate Present Yes