Bako Diagnostics

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

Bako Diagnostics Data Breach Overview

Bako Diagnostics, a laboratory based in Alpharetta, Georgia, experienced a data breach that was first discovered on December 28, 2021. The breach involved potentially unauthorized activity on the company’s computer network, which led to the access and possible removal of sensitive personal and medical information[1][2][5].

What Happened?

Between December 21 and December 28, 2021, an unauthorized party gained access to certain files and folders on Bako Diagnostics’ network. This access potentially allowed the unauthorized party to remove data containing consumer information[1][2].

What Information Was Compromised?

The compromised information may include:

  • Full names, dates of birth, addresses, telephone numbers, and email addresses

  • Social Security numbers, driver’s license numbers, and state ID numbers

  • Health insurance information, such as insurer names, plan and/or group numbers, and member numbers
  • Medical information, including medical record numbers, dates of service, provider and facility names, and specimen or test information
  • Billing and claims information, including financial account information[1][2][3][5].

Company’s Response

Upon discovering the breach, Bako Diagnostics took immediate steps to prevent further unauthorized activity and engaged a national forensic firm to investigate and assist with remediation efforts. The company has also enhanced its security and monitoring capabilities to minimize the risk of similar incidents in the future[1][4].

Legal and Consumer Actions

Several law firms are investigating claims on behalf of victims of the data breach, and Bako Diagnostics has begun sending out data breach notification letters to individuals whose information was compromised. Affected individuals are advised to remain vigilant by reviewing their account statements and monitoring their credit reports. Bako Diagnostics has also arranged for affected individuals to activate credit monitoring and identity restoration services provided by Kroll at no cost[1][2][3][4][7].

Reporting to Authorities

Bako Diagnostics notified the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) of the data security incident, affecting 25,745 individuals. The company has implemented additional security safeguards to prevent future incidents[5].

Conclusion

The Bako Diagnostics data breach is a significant incident that has potentially exposed sensitive personal and medical information. The company has taken steps to address the breach and is providing resources to help affected individuals protect themselves from identity theft and other fraudulent activities. Legal investigations are ongoing to determine the full extent of the breach and to provide recourse for those impacted.

Citations:

  1. https://www.jdsupra.com/legalnews/data-breach-alert-bako-diagnostics-5316822/
  2. https://www.msdlegal.com/blog/2022/02/bako-diagnostics-bakodx-data-breach-investigation/
  3. https://classlawdc.com/2022/03/11/data-breach-investigation-of-leaked-bako-diagnostics-patient-information/
  4. https://www.mass.gov/doc/assigned-data-breach-number-26045-bako-diagnostics/download
  5. https://www.dataguidance.com/news/usa-bakodx-notifies-ocr-data-breach
  6. https://casetext.com/case/bako-pathology-lp-v-bakotic-1
  7. https://www.thelyonfirm.com/blog/bako-diagnostics-data-breach/
  8. https://courts.delaware.gov/supreme/oralarguments/download.aspx?id=4227
Breach Submission Date Feb 25, 2022
Converted Entity Name Bako Diagnostics
Converted Entity Type Healthcare Provider
State GA
Individuals Affected 25,745
Breach Type Hacking/IT Incident

Breach Information Location Network Server

Business Associate Present Yes