A press release from PSL Services in Maine (they are a HIPAA-covered entity):
Peregrine Corporation d/b/a PSL Services (“PSL Services”) today announced that a recent event may have impacted the security of personal information relating to certain residents of Maine. While PSL Services is still in the process of identifying impacted individuals in order to send any needed written notification letters regarding the incident, in an abundance of caution they are providing information to the media now about the event and steps individuals may take to better protect their information in the event they were impacted.
What Happened? On December 17, 2019, PSL Services discovered suspicious activity in an employee’s email account. PSL Services immediately launched an investigation into the nature and scope of the incident. As part of the investigation, which is being conducted with the assistance of a third-party forensic specialist, it was determined that a number of PSL Services’ employees’ email accounts were subject to unauthorized access for periods of time between December 16, 2019 and December 19, 2019. Therefore, PSL Services is undertaking a time-consuming review of the contents of the email accounts that were accessed to determine if they contain sensitive information.
What Information Was Involved? PSL Services determined that the type of information potentially at risk may vary by individual and that the following types of information could be impacted: name, address, date of birth, Social Security number, Driver’s license number, medical information and Maine Care number.
What PSL Services is Doing. PSL Services takes this incident and the security of information in its care very seriously. PSL Services is reviewing its existing security measures and working to implement additional safeguards to prevent similar incidents from occurring in the future. PSL Services is still in the process of reviewing the affected accounts to identify all individuals whose information was potentially impacted by this incident and will be providing written notice and access to free identity protection services to impacted individuals as soon as possible.
At this time, PSL Services has already notified the Office of Civil Rights at US Department of Health and Human Services, the Maine Attorney General, and prominent news media outlets throughout the state of Maine. PSL Services will also continue to notify other appropriate authorities as it learns more.