Data Media Associates

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

Data Media Associates, LLC (DMA), a company based in Alpharetta, Georgia, experienced a data breach involving their use of a third-party software platform called MOVEit. The breach was first identified on June 4, 2023, when DMA became aware of a critical vulnerability in MOVEit, as indicated by an alert from the Cybersecurity and Infrastructure Security Agency. DMA patched the system according to the developer’s instructions and initiated an investigation, which confirmed on June 30, 2023, that an unauthorized party had accessed and removed certain files from the MOVEit environment[1][3].

The compromised files contained sensitive consumer information, potentially including names, addresses, medical or health insurance information, and health insurance ID numbers, which in some cases may be the same as the victims’ Social Security numbers. The breach is believed to have impacted as many as 74,730 individuals[3]. DMA began sending out data breach notification letters to affected individuals on August 23, 2023[1][3].

Data Media Associates is a business that provides payment solutions and other services to clients in the healthcare industry, including statement and letter delivery services, revenue cycle management services, and electronic claims solutions. The company employs more than 62 people and generates approximately $11 million in annual revenue[1].

Following the breach, DMA has faced legal actions, including a class action lawsuit alleging failure to adequately safeguard consumers’ personal information[5]. Individuals affected by the breach have been advised to monitor their account statements and credit reports for signs of fraudulent activity and to consider enrolling in credit monitoring services if offered by DMA[7].

Citations:

  1. https://www.jdsupra.com/legalnews/data-media-associates-announces-moveit-9015131/
  2. https://www.databreachtoday.com
  3. https://www.myinjuryattorney.com/data-media-associates-data-breach-investigation/
  4. https://www.cisco.com
  5. https://www.classaction.org/news/data-media-associates-hit-with-class-action-over-data-breach-announced-in-august-2023
  6. https://www.kroll.com/en
  7. https://www.turkestrauss.com/2023/09/27/data-media-associates-data-breach-investigation/
  8. https://www.nar.realtor/about-nar/governing-documents/code-of-ethics/2024-code-of-ethics-standards-of-practice
  9. https://original.newsbreak.com/@openclassactions-com-1602283/3148382035405-did-you-receive-a-data-breach-notice-letter-from-data-media-associates
  10. https://www.usatoday.com/story/tech/columnist/komando/2023/04/20/delete-temu-app-cybersecurity-expert-advice/11667796002/
  11. https://www.mass.gov/doc/assigned-data-breach-number-30371-data-media-associates-llc/download
  12. https://www.intuit.com/privacy/statement/
  13. https://www.niagara-gazette.com/news/local_news/ub-dental-clinic-reports-data-security-breach-at-third-party-billing-service/article_9fb81a8a-3c59-11ee-8c36-f749efbd7604.html
  14. https://policies.google.com/privacy?hl=en-US
  15. https://www.hipaajournal.com/august-2023-healthcare-data-breach-report/
  16. https://www.dhs.gov
Breach Submission Date Oct 09, 2023
Converted Entity Name Data Media Associates
Converted Entity Type Business Associate
State GA
Individuals Affected 2,035
Breach Type Unauthorized Access/Disclosure

Breach Information Location Paper/Films

Business Associate Present Yes