AIDS Alabama has confirmed a data breach in their organization. The breach occurred between October 11, 2021, and August 9, 2022.
According to the notification letter, the AIDS Alabama data breach, unfortunately, includes sensitive personal information, including names, addresses, Social Security numbers, medical diagnoses, healthcare providers, health insurance details, email addresses, and services received.
AAI has taken immediate steps to address the situation. AIDS Alabama has been committed to helping people living with HIV/AIDS in Alabama for over 30 years.
The organization has been at the forefront of providing housing, policy and advocacy, supportive services, HIV prevention and education, as well as free and confidential HIV testing.
AIDS Alabama data breach: Investigation and Response
Upon discovering the AIDS Alabama data breach, AAI promptly initiated a thorough investigation in collaboration with experienced external cybersecurity experts.
Their extensive forensic analysis and document review revealed that certain files containing personal information might have been accessed or acquired by an unauthorized party.
Specifically, affected individuals should be aware that their full names, addresses, Social Security numbers, medical diagnoses, healthcare provider details, health insurance information, email addresses, and information about received services may have been compromised.
To learn more about the AIDS Alabama data breach, including any known threat actor participating in the attack, The Cyber Express has reached out to the organization. However, at the time of writing this, no official statement or response has been recorded.
AIDS Alabama cyberattack: Notification and Support
To uphold transparency and assist those affected, AAI began notifying individuals on September 22, 2023. Recipients of these notifications have been provided with essential guidance on safeguarding their information, including steps like placing a fraud alert or security freeze on their credit files and obtaining a complimentary credit report.
Upon learning about the AIDS Alabama data breach, AIDS Alabama, Inc. has implemented additional measures to bolster security and privacy. Furthermore, they continuously assess and refine their practices and internal controls to ensure the protection of personal data.
To ascertain the extent of the AIDS Alabama data breach and its implications, AAI engaged a reputable third-party digital forensics firm. Their investigation revealed that an unauthorized third party accessed the network during the specified period, potentially viewing or obtaining sensitive data. The AIDS Alabama cyberattack has been reported to the HHS’ Office for Civil Rights, with 1,922 individuals affected.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.