Data Media Associates
Your Personal Info Could Be
Exposed Online After
This Hospital Breach
Breach Description
Data Media Associates, LLC (DMA), a company based in Alpharetta, Georgia, experienced a data breach involving their use of a third-party software platform called MOVEit. The breach was first identified on June 4, 2023, when DMA became aware of a critical vulnerability in MOVEit, as indicated by an alert from the Cybersecurity and Infrastructure Security Agency. DMA patched the system according to the developer’s instructions and initiated an investigation, which confirmed on June 30, 2023, that an unauthorized party had accessed and removed certain files from the MOVEit environment[1][3].
The compromised files contained sensitive consumer information, potentially including names, addresses, medical or health insurance information, and health insurance ID numbers, which in some cases may be the same as the victims’ Social Security numbers. The breach is believed to have impacted as many as 74,730 individuals[3]. DMA began sending out data breach notification letters to affected individuals on August 23, 2023[1][3].
Data Media Associates is a business that provides payment solutions and other services to clients in the healthcare industry, including statement and letter delivery services, revenue cycle management services, and electronic claims solutions. The company employs more than 62 people and generates approximately $11 million in annual revenue[1].
Following the breach, DMA has faced legal actions, including a class action lawsuit alleging failure to adequately safeguard consumers’ personal information[5]. Individuals affected by the breach have been advised to monitor their account statements and credit reports for signs of fraudulent activity and to consider enrolling in credit monitoring services if offered by DMA[7].
Citations:
- https://www.jdsupra.com/legalnews/data-media-associates-announces-moveit-9015131/
- https://www.databreachtoday.com
- https://www.myinjuryattorney.com/data-media-associates-data-breach-investigation/
- https://www.cisco.com
- https://www.classaction.org/news/data-media-associates-hit-with-class-action-over-data-breach-announced-in-august-2023
- https://www.kroll.com/en
- https://www.turkestrauss.com/2023/09/27/data-media-associates-data-breach-investigation/
- https://www.nar.realtor/about-nar/governing-documents/code-of-ethics/2024-code-of-ethics-standards-of-practice
- https://original.newsbreak.com/@openclassactions-com-1602283/3148382035405-did-you-receive-a-data-breach-notice-letter-from-data-media-associates
- https://www.usatoday.com/story/tech/columnist/komando/2023/04/20/delete-temu-app-cybersecurity-expert-advice/11667796002/
- https://www.mass.gov/doc/assigned-data-breach-number-30371-data-media-associates-llc/download
- https://www.intuit.com/privacy/statement/
- https://www.niagara-gazette.com/news/local_news/ub-dental-clinic-reports-data-security-breach-at-third-party-billing-service/article_9fb81a8a-3c59-11ee-8c36-f749efbd7604.html
- https://policies.google.com/privacy?hl=en-US
- https://www.hipaajournal.com/august-2023-healthcare-data-breach-report/
- https://www.dhs.gov