Albany Gastroenterology Consultants Reports Data Breach Exposing Sensitive Information of Over 55,000 Patients

Albany Gastroenterology Consultants, a healthcare provider based in Albany, New York, announced that a data security breach last year exposed the sensitive personal information of over 55,000 individuals.

 

Albany Gastroenterology Consultants is a premier digestive health practice in the Capital District, providing comprehensive gastroenterology services including treatment for hemorrhoids, hepatitis, colitis, Crohn’s disease, and expert colonoscopy care.

 

In a data security incident notice submitted to the Office of the Maine Attorney General, Albany Gastro said that on November 19, it identified unauthorised access within its internal network that  that disrupted access to certain critical systems. The healthcare provider immediately launched an investigation, with assistance from external cyber security experts, to determine the nature and scope of the incident.

 

“The investigation subsequently revealed certain personal information was accessed and acquired without authorisation by an unknown actor on or about November 10, 2024,” Albany

Gastro said.

 

The compromised data included names and other personal identifiers including Social Security Numbers. The filing with the Maine state regulator also states that Albany Gastro has identified at least 57,751 individuals impacted by the incident.

 

“As soon as Albany Gastro became aware of the incident, we took steps to secure our network environment and enlisted a leading, independent cybersecurity firm to conduct a forensic investigation. We also reported the incident to the FBI and will cooperate with any resulting investigation. In addition, we have implemented several measures to enhance our security posture and reduce the risk of similar future incidents,” the healthcare provider added.

 

While Albany Gastro found no evidence of the compromised information being misused, it has advised all affected individuals to regularly monitor their credit reports, account and benefit statements and report any suspicious activity to law enforcement authorities, including the police and state attorney general. 

 

It has also offered one year of complimentary identity protection and credit monitoring services through IDX to all affected individuals.

 

At the time of publishing, no known hacker group claimed responsibility for the cyber attack on Albany Gastro. The digestive health practice also did not share details on who was behind the attack, how much data was compromised, or whether it had received a ransom demand.