Last week, US Wellness announced it was the victim of a ransomware attack that may have involved protected health information belonging to members of its wellness clients.
The comprehensive wellness services company recently announced that on Jan. 31, a US Wellness' vendor experienced a security incident that disrupted access to certain systems. In response, US Wellness took immediate steps to secure its systems and promptly launched an investigation. On Feb. 9, 2023, US Wellness learned that certain personal and/or protected health information may have been impacted in connection with the incident.
“There is no evidence of the misuse of any information potentially involved in this incident,” the company said in a statement. “However, on March 22, 2023, and April 26, 2023, US Wellness sent notification letters to the individuals whose personal and/or protected health information was potentially involved in this incident, providing them with information about what happened and steps they can take to protect their information.”
The investigation revealed information that may have been involved in the incident included name, address, date of birth, member ID number and/or Social Security number. The company sent notification letters to potentially involved individuals to notify them about the incident and provide resources to assist them.