Lassen Clinics Privacy Incident Notification - 12.23.24 | Learn more
On behalf of Dignity Health Lassen Medical Clinic - Red Bluff, located at 2450 Sister Mary Columba Dr, Red Bluff, CA 96080, and Dignity Health Lassen Medical Clinic - Cottonwood, located at 20833 Long Branch Dr, Cottonwood, CA 96022 (collectively referred to as the “Lassen Clinics”), we would like to inform the public about a data security incident that may have exposed certain patient protected health information. We take the protection and proper use of patient information very seriously.
On September 20, 2024, the Lassen Clinics learned there was an active cyber event on its IT network involving an unknown individual. The Lassen Clinics’ IT network was temporarily disabled and rendered inaccessible before the Lassen Clinics were able to restore it the next day. Upon learning of the security incident, the Lassen Clinics immediately took steps to secure its network and began an investigation with the assistance of an external forensics vendor. The investigation determined that an unauthorized third party gained access to the Lassen Clinics network between September 17, 2024 to September 20, 2024. On December 3, 2024, the Lassen Clinics learned that the unauthorized third party obtained copies of some of the data from its systems containing confidential patient medical information, however, the unauthorized third party did not acquire any data directly from the Lassen Clinics’ Electronic Medical Record (“EMR”).
Some information in the Lassen Clinics' records may have been accessed or acquired by an unauthorized third party. The information in the files may have included name, address, date of birth, drivers license number, financial account information, as well as medical and health insurance information. A small number of individuals may also have had a Social Security Number involved.
Upon learning of the event, the Lassen Clinics took quick action to protect its systems, contain the incident, open an investigation, and maintain continuity of health care. Once secured, systems were returned to the network with additional security and monitoring tools. To help relieve concerns and restore confidence following this incident, the Lassen Clinics secured the services of Kroll to provide call center support and credit monitoring at no cost to patients. Kroll is a global leader in risk mitigation and response, and their team has extensive experience helping people who have sustained an unintentional exposure of confidential data.
There are additional steps that can be taken to help protect yourself, including recommendations by the Federal Trade Commission regarding identity theft protection and details on how to place a fraud alert or a security freeze on your credit file.
We encourage anyone impacted to reach out to us if you have any further questions.
Other Important Information:
“Breach Help Consumer Tips from the California Attorney General” https://oag.ca.gov/privacy/other-privacy/breach-help-tips-for-consumers
For more information.
If you have questions, please call (866) 676-1911, Monday through Friday from 8:00 a.m. to 5:30 p.m. Central Time, excluding major U.S. holidays.
Protecting patient information is important to us. We trust that the services we are offering demonstrate our continued commitment to patient information security.
For information about patient privacy rights, please visit the website of the California Department of Justice, Privacy Enforcement and Protection Unit at www.privacy.ca.gov.
Contact information for the three nationwide credit reporting agencies:
Equifax, PO Box 740241, Atlanta, GA 30374, www.equifax.com, 1-800-685-1111
Experian, PO Box 2104, Allen, TX 75013, www.experian.com, 1-888-397-3742
TransUnion, PO Box 2000, Chester, PA 19016, www.transunion.com, 1-800-888-4213
Free Credit Report. It is recommended that you remain vigilant by reviewing account statements and monitoring your credit report for unauthorized activity, especially activity that may indicate fraud and identity theft. You may obtain a copy of your credit report, free of charge, once every 12 months from each of the three nationwide credit reporting agencies.
To order your annual free credit report please visit www.annualcreditreport.com or call toll free at 1-877-322-8228.
You can also order your annual free credit report by mailing a completed Annual Credit Report Request Form (available from the U.S. Federal Trade Commission’s (“FTC”) website at www.consumer.ftc.gov) to:
Annual Credit Report Request Service, P.O. Box 105281, Atlanta, GA 30348-5281.
For Colorado, Georgia, Maine, Maryland, Massachusetts, New Jersey, Puerto Rico, and Vermont residents: You may obtain one or more (depending on the state) additional copies of your credit report, free of charge. You must contact each of the credit reporting agencies directly to obtain such additional report(s).
Fraud Alerts. There are two types of fraud alerts you can place on your credit report to put your creditors on notice that you may be a victim of fraud—an initial alert and an extended alert. You may ask that an initial fraud alert be placed on your credit report if you suspect you have been, or are about to be, a victim of identity theft. An initial fraud alert stays on your credit report for at least one year. You may have an extended alert placed on your credit report if you have already been a victim of identity theft and you have the appropriate documentary proof. An extended fraud alert stays on your credit report for seven years. You can place a fraud alert on your credit report by contacting any of the three national credit reporting agencies.
Security Freeze. You have the ability to place a security freeze, also known as a credit freeze, on your credit report free of charge.
A security freeze is intended to prevent credit, loans and services from being approved in your name without your consent. To place a security freeze on your credit report, you may use an online process, an automated telephone line, or submit a written request to any of the three credit reporting agencies listed above. The following information must be included when requesting a security freeze (note that, if you are requesting a credit report for your spouse, this information must be provided for him/her as well): (1) full name, with middle initial and any suffixes; (2) Social Security number; (3) date of birth; (4) current address and any previous addresses for the past 5 years; and (5) any applicable incident report or complaint with a law enforcement agency or the Registry of Motor Vehicles. The request must also include a copy of a government-issued identification card and a copy of a recent utility bill or bank or insurance statement. It is essential that each copy be legible, and display your name, current mailing address, and the date of issue.
Federal Trade Commission and State Attorneys General Offices. If you believe you are the victim of identity theft or have reason to believe your personal information has been misused, you should immediately contact the Federal Trade Commission and/or the Attorney General’s office in your home state. You may also contact these agencies for information on how to prevent or minimize the risks of identity theft.
You may contact the Federal Trade Commission, Consumer Response Center, 600 Pennsylvania Avenue, NW, Washington, DC 20580, www.ftc.gov/bcp/edu/microsites/idtheft/, 1-877-IDTHEFT (438-4338).
