Equinox has notified over 21,000 patients and staff their data has been leaked as a result of a cyber attack.
The healthcare service has started notifying those affected of a ‘data security incident’ that took place in April 2024.
Equinox provides mental health and substance abuse treatment services as well as domestic violence support, food and housing and other community services in New York. This data is incredibly sensitive, making it highly valuable to cyber criminals.
The stolen data contains personal information such as names, addresses, social security numbers and other government identification numbers including things like drivers license and passport numbers. It also contains financial account information related to health insurance. It unfortunately also contained information about medical treatment, medications and individual diagnosis.
Equinox have confirmed that they will be notifying those affected directly by physically mailing their home address as well as ‘providing resources’.
Lockbit, a notorious cyber gang, listed the Equinox data breach on their dark web leak site, stating that they had stolen 49GB of data.
What to do if you’ve been impacted by the Equinox Data Breach?
Having highly personal data compromised can be extremely distressing. If your information has been leaked Equinox will have notified you directly through a letter sent to your home address.
The Equinox team has already set up a call center to answer questions about the data breach and address concerns. This phone line is available by calling (866) 531-3185 between the hours of 9:00 a.m - 9:00 pm EST, Monday - Friday.
Their notification letter suggests that the first step you should take is to review your account statements. If you detect any unusual or suspicious activity, notify your bank as well as law enforcement immediately.
Be aware that your information being compromised can make you a target for social engineering and phishing scams. These scams involve impersonating trusted organizations or individuals using information they already have about you as a result of the leak to convince you to hand over money or further details. Be skeptical of anyone asking you for information.
Update all passwords and enable multi-factor authentication on as many accounts as possible, especially social media accounts as well as banking and email.
Make sure you also keep a close eye on your bank and credit card statements for any unusual activity and report any suspicious transactions immediately and consider freezing your cards and credit.
Organizations must make sure to keep up with the latest trends and best practices in cybersecurity to prevent similar data breaches impacting their clients, customers and staff.
