The American College of Emergency Physicians said that members of its emergency physician professional group and other professional healthcare organizations the group manages were affected in a data breach, according to an April 9 news release.
Eight details:
- The ACEP manages other professional organizations in healthcare, including the Emergency Medicine Foundation, the Emergency Medicine Residents' Association and the Society for Emergency Medicine Physician Assistants.
- The data breach notice was sent out to current members of these organizations, former members and anyone who either purchased or donated to one of the organizations.
- On Sept. 7, ACEP discovered unusual activity on its systems and launched an investigation. The investigation discovered that credentials to ACEP's database servers were compromised by an unauthorized party.
- The database did not store any health or patient information, ACEP told Becker's. However, it did include member profile details, with some profiles including financial account information and Social Security numbers.
- The investigation found that data was breached between April 8 and Sept. 21, 2020.
- ACEP said there is no evidence the servers were subject to unauthorized access or acquisition.
- In response to the data breach, ACEP replaced the affected server, changed passwords, and added new cyber-monitoring and technical security safeguards.
- ACEP will provide one year of free credit monitoring and identity restoration services through Epiq.
"ACEP takes the security of member and customer information very seriously," an ACEP spokesperson told Becker's. "All members, customers and staff can continue to monitor recent credit transactions and are encouraged to contact the association immediately if any discrepancies are discovered."