The Northwestern Illinois Area Agency on Aging has posted a breach notification of sorts on its web site. It doesn’t explain exactly what kinds of data or details on their clients were accessed, nor how many people had personal information accessed.
NIAAA’s electronically stored client data possibly was accessed sometime between March 5 to March 9, 2021 by unauthorized users. After a thorough analysis, NIAAA is unaware of any actual misuse of client personal information. However, we want to inform you about the incident and provide you with information about how you can protect yourself against possible misuse of your information.
While NIAAA does not believe that any of your personal data was taken, you may consider requesting a fraud alert and/or security freeze from the following agencies:
And that’s the notice, with the info on credit reporting agencies beneath it. The metadata show that the notice was created on May 26, 2021.
DataBreaches.net has emailed NWILAAA to ask a number of questions, including what data types were actually involved and whether it included any medical, health, or health insurance information. DataBreaches.net will update this if a response is received. As of today, there is no listing on HHS’s public breach tool, and it’s not clear whether NWILAAA is covered by HIPAA at all (that was also one of the questions put to them).