On August 9, 2024, siParadigm filed a data breach notification with the U.S. Department of Health and Human Services Office for Civil Rights (HHS-OCR) after discovering that confidential information provided to the company, including sensitive consumer information, had been subject to unauthorized access. Once the investigation is complete, siParadigm will begin sending data breach notification letters to all individuals whose information was affected by the recent data security incident.
If you receive a data breach notice from siParadigm, it’s important to understand what’s been compromised and what you can do about it. A data breach lawyer can tell you more about how to protect yourself from becoming a victim of fraud or identity theft, and discuss your legal options following a siParadigm data breach. Check out our recent article on this topic for more information. here.
What caused the siParadigm data breach?
The siParadigm data breach was only recently announced, and we expect to see more information in the near future. Unfortunately, siParadigm’s filings with the U.S. Department of Health and Human Services’ Office for Civil Rights provide limited information about what led up to the breach. Additionally, siParadigm does not appear to have added a website notice or issued a press release discussing the incident.
So, all we know at this time is that siParadigm experienced a data security incident involving a “hacking/IT incident” of its network servers. After investigating the incident, siParadigm was able to determine that unauthorized parties gained access to certain files containing sensitive consumer information. However, it is possible that the breach was the result of a cyber attack against one of siParadigm’s third-party vendors.
In any event, after learning that sensitive consumer data was accessible to unauthorized third parties, siParadigm reviewed the breached files to determine what information was exposed and which consumers were affected. Unfortunately, siParadigm’s filing with HHS-OCR does not include a list of the types of information that was breached. However, once siParadigm has completed its investigation of the incident, it will be required to send data breach notification letters to all individuals affected by the recent data security incident. These notification letters should include victims with a list of their own information that was compromised.
More information about siParadigm
siParadigm is a business services company based in Pine Brook, New Jersey. siParadigm provides clinical laboratory services and is nationally certified by CLIA and CAP, as well as accredited by local licensing boards in several states. siParadigm’s tests are designed to detect tissue-based and liquid biopsy tests for solid tumors and blood cancers. siParadigm employs over 304 people and has annual revenues of approximately $35 million.
