Neurosurgical Associates of New Jersey
Your Personal Info Could Be
Exposed Online After
This Hospital Breach
Breach Description
Neurosurgical Associates of New Jersey, also known as Neurosurgeons of New Jersey, experienced a data security incident that was first detected on October 4, 2023, due to suspicious activity associated with one of their corporate email accounts. This incident potentially impacted the protected health information (PHI) of some patients. The organization took immediate action by implementing incident response protocols and engaging external cybersecurity experts to conduct a forensic investigation. However, the investigation could not conclusively determine whether any information in the email account was accessed or taken during the unauthorized access[1][4].
The information potentially compromised in the breach includes patient names, addresses, Social Security numbers, health insurance policy numbers, medical record numbers, patient account numbers, medical history, and treatment information. In response to the incident, Neurosurgeons of New Jersey has taken several steps to prevent future occurrences, such as conducting a global password reset and implementing multifactor authentication for any remote access to email. Additionally, they have offered credit monitoring and identity restoration services at no cost to impacted individuals whose Social Security numbers were affected[1].
The breach was officially reported to the U.S. Department of Health and Human Services Office for Civil Rights on December 4, 2023. Neurosurgeons of New Jersey began sending out data breach notification letters to all individuals whose information was affected by the incident[4]. The organization operates 11 locations throughout New Jersey and employs more than 28 people, generating approximately $7.6 million in annual revenue[4].
For those affected by the breach, it is recommended to remain vigilant for incidents of identity theft or fraud, including reviewing credit reports and financial statements for suspicious activity. Impacted individuals can also visit consumer protection websites for more information on how to protect their identity[1].
This incident underscores the importance of robust cybersecurity measures and the need for continuous vigilance to protect sensitive patient information against unauthorized access and potential cyber threats.
Citations:
- https://www.neurosurgeonsofnewjersey.com/data-security-incident/
- https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf?adobe_mc=MCMID%3D02408406485458979789220680779370557994%7CMCORGID%3DA8833BC75245AF9E0A490D4D%2540AdobeOrg%7CTS%3D1696377600
- https://www.medpagetoday.com/special-reports/features/107571
- https://www.jdsupra.com/legalnews/neurosurgeons-of-new-jersey-confirms-4963456/
- https://www.law.com/njlawjournal/2022/08/11/appeals-court-upholds-24-3m-jury-verdict-over-breach-of-implied-covenant-by-hospital/
- https://seculore.com/state/new-jersey/12-19-2023-nj-neurosurgical-associates-of-new-jersey/
- https://www.jdsupra.com/legalnews/data-breach-alert-new-jersey-brain-and-8133983/
- https://www.myinjuryattorney.com/neurosurgeons-of-new-jersey-data-breach-class-action-investigation-and-lawsuit-assistance/
- https://www.njcourts.gov/system/files/court-opinions/2023/atlanticneurosurgicalmotion_todismiss.pdf
- https://www.xitx.com/2023/12/neurosurgeons-of-new-jersey-cyberattack-lessons-about-safeguarding-patient-data/
- https://law.justia.com/cases/new-jersey/supreme-court/2005/a-75-03-opn.html
- https://law.justia.com/cases/new-jersey/appellate-division-unpublished/2022/a-2866-19.html
- https://healthitsecurity.com/news/nj-dialysis-center-neurosurgery-practice-both-face-cyberattacks
- https://casetext.com/case/comprehensive-neurosurgical-pc-v-valley-hosp-the-bd-of-trs-of-the-valley-hosp-valley-hosp-president-audrey-meyers-neurosurgical-assocs-of-nj-pc