NYSARC Columbia County Chapter Provides Notice of Security Incident

NEW YORK, Sept. 16, 2022 /PRNewswire/ — NYSARC Columbia County Chapter (“NYSARC”) confirmed today that the firm experienced a data incident in July 2022 and will issue notices to affected individuals and relevant state and federal agencies about the incident.  

On July 19, 2022, NYSARC Columbia County Chapter (“NYSARC”) detected irregular activity on their systems that was consistent with a typical ransomware attack.  Out of an abundance of caution, NYSARC immediately began to remediate the situation including disconnecting systems, engaging data security and privacy experts, contacting law enforcement, and simultaneously beginning an investigation.  Due to the complexity of the attack, the investigation is still ongoing; however, out of an abundance of caution, NYSARC is providing this notice.

Based on the information NYSARC generally collects and maintains, names, addresses, date of birth, social security number, and/or other state identification number may potentially be involved.  Limited health information for clients may also be impacted.  However, the investigation is ongoing and specific details as to what categories of information were involved are not yet available.   Note that this describes general categories of information collected and maintained by NYSARC, and it likely includes categories that are not relevant to each individual.  As soon as NYSARC is able, individual notification letters will be mailed to affected individuals with further details.

Upon becoming aware of the Incident, NYSARC immediately implemented measures to further improve the security of their systems and practices. NYSARC worked with a leading privacy and security firm to aid in their investigation and response, and is reporting this incident to relevant government agencies. NYSARC also implemented additional security protocols designed to protect their network, email environment, and systems. 

The investigation is ongoing and the identities of individuals who were individually affected, if any, is not yet known.  However, out of an abundance of caution,NYSARC encourages individuals to remain vigilant against incidents of identity theft and fraud, to review account statements and explanation of benefits forms, and to monitor free credit reports for suspicious activity and to detect errors.  Under U.S. law, individuals are entitled to one (1) free credit report annually from each of the three major credit reporting bureaus. Additional information and resources are outlined below. 










Equifax Fraud Alert, P.O. Box 105069 Atlanta, GA 30348-5069 

Experian Fraud Alert, P.O. Box 9554, Allen, TX 75013 

TransUnion Fraud Alert, P.O. Box 2000, Chester, PA 19016 

Equifax Credit Freeze, P.O. Box 105788 Atlanta, GA 30348-5788 

Experian Credit Freeze, P.O. Box 9554, Allen, TX 75013 

TransUnion Credit Freeze, P.O. Box 160, Woodlyn, PA 19094 

Moreover, information regarding identity theft, fraud alerts, security freezes, and the steps an individual can take to protect personal information may be obtained by contacting the consumer reporting agencies, the Federal Trade Commission, or the appropriate state Attorney General.  The Federal Trade Commission can be reached at: 600 Pennsylvania Avenue NW, Washington, DC 20580; www.identitytheft.gov; 1-877-ID-THEFT (1-877-438-4338); and TTY: 1-866-653-4261.  The Federal Trade Commission also encourages those who discover that their information has been misused to file a complaint with them.  Individuals can obtain further information on how to file such a complaint by calling 1-877-438-4338.  Individuals should file a police report if they are a victim of identity theft or fraud.  To file a report with law enforcement for identity theft, an individual will likely need to provide some proof that they have been a victim.

View original content:https://www.prnewswire.com/news-releases/nysarc-columbia-county-chapter-provides-notice-of-security-incident-301626524.html

SOURCE NYSARC Columbia County Chapter

Leave a Reply

Your email address will not be published.