We received this public notice yesterday.
PUBLIC NOTICE: FLORIDA DEPARTMENT OF HEALTH
Tallahassee, Fla. – Following a recent cybersecurity incident impacting the Florida Department of Health (Department), the Department has begun direct outreach and notification to individuals who were potentially affected. Impacted individuals are being offered complimentary credit monitoring and identity theft protection services provided by the Department. Again, affected individuals should have received letters via mail stating the specific details on what personal data was impacted. If you have not received a letter and believe you may have been impacted, please contact our dedicated toll-free call center by dialing 866-997-1602.
WHAT HAPPENED? On June 26, 2024, the Department discovered a security breach in our network that led to unauthorized access to some of our data. This unauthorized access affected a limited number of our systems and resulted in the transfer of data from a specific location within our network. The Department immediately launched an investigation and collaborated with cybersecurity experts to determine the nature and scope of the breach. The Department also promptly informed law enforcement and referred the matter to the Florida Department of Law Enforcement for investigation.
The forensic cyber investigation revealed that unauthorized activity occurred on June 26, 2024.
WHAT INFORMATION WAS INVOLVED? The security breach in our network resulted in the unauthorized access of personal identifying and/or protected health information, such as a client’s name, date of birth, address, Social Security Number, banking information, credit card information, driver’s license number, passport number, military identification number, Nexus number, medical and dental history, medication/prescription information, provider/doctor/care coordinator name, insurance claim information, insurance coverage information, and passwords. The personalized letters sent to each individual by the Department include specific details regarding each individual’s impacted personal data.
WHAT WE ARE DOING. The Department takes its role in safeguarding personal information very seriously. As soon as the Department became aware of the breach, we promptly shut down the affected networks and isolated the compromised servers while implementing enhanced security measures to prevent further unauthorized access. We are collaborating with law enforcement and cybersecurity experts to thoroughly investigate the breach and mitigate its impact. We have notified both the Office of Legal Affairs and the U.S. Department of Health and Human Services’ Office of Civil Rights about the incident. Additionally, we are conducting an analysis to prevent future unauthorized access.
WHAT YOU CAN DO. To help protect the identity of those impacted, we have partnered with Kroll to offer complimentary identity and credit monitoring services for 12 months. These services include credit monitoring, web monitoring, $1 million identity fraud loss reimbursement, fraud consultation, and identity theft restoration.
We encourage those impacted to remain vigilant against identity theft and fraud by regularly reviewing their financial account statements and credit reports for any unusual activity. Please notify your financial institution immediately if you detect any unauthorized transactions or suspect identity theft. Be on the lookout for schemes where malicious actors may impersonate the Department or reference this incident.
FOR MORE INFORMATION. If you have any questions about this incident, please contact our dedicated call center by dialing toll-free 866-997-1602, Monday through Friday between 9 a.m. and 6:30 p.m. ET (excluding major U.S. holidays).
The Department takes the security of personal information very seriously. We are continuously enhancing our security measures to prevent such incidents in the future.
Photo by Michael Geiger on Unsplash