DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Business associate of Maryland Developmental Disabilities Administration hacked in October

Posted on March 17, 2014 by Dissent

David Dishneau of Associated Press reports:

A state-licensed provider of services to developmentally disabled Marylanders says someone stole computerized Social Security and medical information for about 9,700 clients.

Frederick-based Service Coordination Inc. said Monday it learned of the security breach in October but didn’t notify affected individuals until Friday. The organization says part of the delay came at the request of the U.S. Justice Department to allow for a federal investigation.

Service Coordination says investigators have identified the alleged hacker and seized that person’s property.

Read more on Miami Herald.

A notification posted on the provider’s website today says:

Service Coordination Inc. (SCI) provides case management services to Maryland residents. In connection with those services, the Maryland Developmental Disabilities Administration (DDA) shares with SCI certain personally identifiable information and personal health information of Maryland residents in electronic form.

On October 30, 2013, SCI discovered that between October 20 and October 30, 2013, its computer systems had been hacked and that an individual had gained unauthorized access to those electronic files. Those improperly accessed files included the name of certain Maryland residents to whom SCI provides services, along with each of those individuals’ social security number, medical assistance number, Medicaid and Medicaid Waiver status and reason, DDA direct service provider, demographic and other information  related to SCI’s case management services.

Upon discovering this criminal, unauthorized access to its systems, SCI promptly engaged a cybersecurity forensics consultant, took steps to remedy the breach and prevent further unauthorized access, and alerted DDA, the FBI and the U.S Department of Justice. During the course of the ensuing criminal investigation, the Department of Justice required that notice to affected individuals be delayed so as not to impede their criminal investigation. That delay was recently lifted after law enforcement identified the alleged hacker, conducted a search of the alleged hacker’s home and seized certain of the alleged hacker’s equipment and accounts. SCI has now provided notice to affected individuals and others in accordance with applicable law, on behalf of DDA.

There is no current evidence of any misuse or further release of information by the hacker or others. To help protect affected Maryland residents from the possibility of identity theft and/or fraud as a result of this incident, SCI has engaged an identity theft protection firm, to provide affected individuals with a full year of identity theft protection services at SCI’s expense.

“We regret the occurrence of this unfortunate criminal incident and we apologize for any inconvenience this may have caused individuals who we work with. We continue our vigilant actions to safeguard the information of those who count on us for resource coordination services and we remain committed to supporting their needs,” said John Dumas, Executive Director of Service Coordination.

SCI urges affected Maryland residents to monitor account statements for unexplained, suspicious or unauthorized activity, obtain a free annual credit report at www.annualcreditreport.com, and to contact the Federal Trade Commission or the national credit reporting agencies—Equifax, Experian, and TransUnion—to obtain information about additional protections, such as fraud alerts and security freezes. Affected individuals may also contact the Consumer Protection Division of the Maryland Office of the Attorney General for Maryland-specific information.

 

No related posts.

Category: Health Data

Post navigation

← UK: Update: Man Held Over Morrisons Payroll Data Breach
Service Coordination Inc. also affected MD Department of Health and Mental Hygiene patients →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Chinese hackers suspected in breach of powerful DC law firm
  • Qilin Emerged as The Most Active Group, Exploiting Unpatched Fortinet Vulnerabilities
  • CISA tags Citrix Bleed 2 as exploited, gives agencies a day to patch
  • McDonald’s McHire leak involving ‘123456’ admin password exposes 64 million applicant chat records
  • Qilin claims attack on Accu Reference Medical Laboratory. It wasn’t the lab’s first data breach.
  • Louis Vuitton hit by data breach in Türkiye, over 140,000 users exposed; UK customers also affected (1)
  • Infosys McCamish Systems Enters Consent Order with Vermont DFR Over Cyber Incident
  • Obligations under Canada’s data breach notification law
  • German court offers EUR 5000 compensation for data breaches caused by Meta
  • Air Force Employee Pleads Guilty to Conspiracy to Disclose Unlawfully Classified National Defense Information

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • DeleteMyInfo Wins 2025 Digital Privacy Excellence Award from Internet Safety Council
  • TikTok Loses First Appeal Against £12.7M ICO Fine, Faces Second Investigation by DPC
  • German court offers EUR 5000 compensation for data breaches caused by Meta
  • How to Build on Washington’s “My Health, My Data” Act
  • Department of Justice Subpoenas Doctors and Clinics Involved in Performing Transgender Medical Procedures on Children
  • Google Settles Privacy Class Action Over Period Tracking App
  • ICE Is Searching a Massive Insurance and Medical Bill Database to Find Deportation Targets

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.