Alera Group Data Breach Exposes 156K Health Records, Delays Notifications
BankInfoSecurity
|
Contributed by: Drex DeFord
Summary
Alera Group, an Illinois-based insurance brokerage, has notified around 156,000 individuals that their protected health information was compromised in a data breach that occurred between July and August 2024, with notification delays extending into 2025. The unauthorized access to their IT environment exposed sensitive personal and medical data, including Social Security numbers and medical histories, raising concerns about compliance with HIPAA regulations. Regulatory attorney Aleksandra Vold emphasizes that lengthy review processes not only squander organizational resources but also elevate the risk of regulatory penalties and public distrust. This incident underscores the critical need for healthcare organizations to streamline breach response protocols and enhance their cybersecurity measures to protect patient information effectively.
