Threat Intelligence & Incident Response

ARcare – Notice of Data Privacy Incident

ARcare is notifying certain individuals of a recent data privacy incident that may impact the privacy of a limited amount of personal and/or medical information. ARcare is unaware of any misuse of individual information and is providing notice to potentially affected individuals out of an abundance of caution.

ARcare recently concluded its investigation into a data privacy incident involving a malware infection that impacted its computer systems and caused a temporary disruption to services. Upon learning of the incident, ARcare immediately worked to secure its systems and quickly commenced an investigation to confirm the nature and scope of the incident. The investigation determined that an unauthorized actor may have accessed and/or acquired some sensitive data during a period of unauthorized access to ARcare’s computer systems between January 18, 2022 and February 24, 2022. A thorough review of the contents of the affected data was subsequently performed to determine whether it contained any sensitive information and identify affected individuals.  On April 4, 2022, ARcare concluded the review and determined that personal information relating to individuals was in affected files.

Though it varies by individual, the types of personal and/or medical information that may have been accessed or acquired by the unauthorized actor included: names, Social Security numbers, driver’s license or state identification numbers, dates of birth, financial account information, medical treatment information, prescription information, medical diagnosis or condition information, and health insurance information. At this time, ARcare is unaware of any or actual or attempted misuse of the affected information as a result of this incident.

ARcare treats its duty to safeguard information as an utmost priority. ARcare responded immediately to this incident and worked diligently to provide potentially affected individuals with accurate and complete notice of the incident as soon as possible. With the assistance of third-party specialists, ARcare also took steps to enhance the security of its systems. As part of ARcare’s ongoing commitment to the privacy and security of information in its care, ARcare is reviewing existing policies and procedures and implementing internal training protocols to mitigate any risk associated with this incident and to better prevent future incidents.

On April 25, 2022, ARcare began notifying potentially impacted individuals and regulatory authorities, as required. Although ARcare is unaware of the misuse of any personal information impacted by this incident, individuals are encouraged to remain vigilant against incidents of identity theft by reviewing account statements, explanation of benefits, and monitoring free credit reports for suspicious activity and to detect errors. Any suspicious activity should be reported to the appropriate insurance company, health care provider, or financial institution. 

Individuals seeking additional information regarding this incident can call ARcare’s dedicated, toll-free number at (833) 783-1354, available Monday through Friday from 8am – 8pm Central time. Individuals may also write to ARcare directly at: 117 S. 2nd Street, Augusta, Arkansas 72006.

ARcare is committed to safeguarding personal information and will continue to work to enhance the protections in place to secure the information in its care.

For more such updates and perspectives around Digital Innovation, IoT, Data Infrastructure, AI & Cybersecurity, go to AI-Techpark.com.

Related posts

The CyberWire and Dragos launch new podcast and newsletter

PR Newswire

Keysight Joins the Joint Cyber Defense Collaborative

Business Wire

Elastic introduces threat prevention for Windows & allied OS

Business Wire