R&B Corporation of Virginia d/b/a Credit Control Corporation
Your Personal Info Could Be
Exposed Online After
This Hospital Breach
Breach Description
R&B Corporation of Virginia, doing business as Credit Control Corporation (CCC), experienced a significant data breach that was first detected on March 7, 2023, when the company noticed unusual activity within its network. CCC promptly isolated the affected systems and engaged third-party forensic specialists to conduct a comprehensive investigation. The investigation revealed that an unauthorized party had accessed and copied certain files from CCC’s network between March 2 and March 7, 2023[1][2][3][7].
The data breach affected over 286,000 individuals, including 20 residents of Maine[3][5]. The compromised information included names, addresses, Social Security numbers, and details related to individuals’ accounts with CCC’s business partners, such as account numbers, balances, and dates of service[1][3]. This breach has the potential to expose affected individuals to identity theft and fraud.
CCC is a vendor that provides debt collection services to various entities, including many healthcare providers. The breach impacted multiple healthcare organizations, such as Sentara Health System, Riverside Health System, UVA Health System, and others[1][3].
In response to the breach, CCC reported the incident to federal law enforcement, notified affected business partners, and began notifying individuals whose information was compromised. CCC also offered credit monitoring and identity theft protection services for a year to help mitigate the risk of identity theft and fraud[1][7].
Affected individuals were advised to remain vigilant by monitoring their account statements, explanation of benefits forms, and credit reports for any suspicious activity. They were also encouraged to consider placing fraud alerts or credit freezes on their credit files[1].
A class action lawsuit was filed against CCC, alleging that the data breach was a foreseeable result of the company’s failure to implement adequate data security measures[6]. The lawsuit aims to represent individuals whose personal information was compromised as a result of the breach.
For more information or assistance, CCC established a dedicated assistance line and provided resources on how to protect personal information[1].
Citations:
- https://creditcontrol.net/notice-of-data-incident/
- https://www.idstrong.com/sentinel/ccc-suffered-data-breach/
- https://healthitsecurity.com/news/data-breach-at-debt-collection-agency-impacts-multiple-healthcare-providers
- https://creditcontrol.net
- https://apps.web.maine.gov/online/aeviewer/ME/40/6a11760a-5f54-4fa7-b222-f74eed5cf516.shtml
- https://www.classaction.org/news/credit-control-corporation-facing-class-action-over-march-2023-data-breach
- https://www.hackread.com/credit-control-corporation-data-breach/
- https://youtube.com/watch?v=i8EyXSXKoY4
- https://www.mass.gov/doc/assigned-data-breach-number-29610-rb-corporation-of-virginia-dba-credit-control-corporation/download
- https://www.13newsnow.com/article/money/consumer/data-breach-may-impact-many-virginia-hospitals-and-doctors-offices/291-ffbe89e8-dd54-43de-af1c-ca3260d6138f
- https://www.pilotonline.com/2023/05/15/data-leak-may-affect-patients-of-multiple-virginia-health-care-providers/
- https://oag.ca.gov/privacy/databreach/list
- https://www.gs-legal.com/blog/2023/05/rb-corporation-of-virginia-d-b-a-credit-control-corporation-ccc-data-breach-investigation/
- https://www.hipaajournal.com/credit-control-corporation-va-data-breach/
- https://www.lawampm.com/rb-corporation-of-virginia-data-breach/
- https://www.peifferwolf.com/rb-corporation-virginia-ccc-data-breach-warning/
- https://www.mass.gov/doc/assigned-data-breach-number-29610-rb-corporation-of-virginia-dba-credit-control-corporation-additional-information/download
- https://uvahealth.com/patients-visitors/forms/vendor-breach
- https://www.myinjuryattorney.com/credit-control-corporation-data-breach/