Gurnee-based group of doctors report patient personal and financial data breach

Illinois Gastroenterology Group, located at 20 Tower Court in Gurnee. | Photo: Google Street View

Illinois Gastroenterology Group, based in Gurnee with offices throughout the Chicago area, said it recently suffered a security breach that exposed their patients’ private data and financial information.

The Illinois Gastroenterology Group (IGG) made the announcement on Friday and said it discovered unusual activity within its computer network on October 22.

IGG has offices in Gurnee, Highland Park, Lake in the Hills, Libertyville, Lindenhurst, Lake Bluff and more in suburban Chicago.

The company said it immediately launched an investigation with the help of third-party cybersecurity specialists to determine the nature and extent of the event.

In mid-November, the investigation determined that an “unauthorized actor” had gained access to certain company systems, IGG said.

Information in these systems may have been accessed or taken by the unauthorized actor, IGG added.

Last month, the company said it determined that the following personal information had been exposed: name, address, date of birth, social security number, driver’s license, passport, financial account information, payment card information , identification number assigned by the employer, medical information and biometric data.

IGG said it has not yet received any reports of fraudulent use of the personal information concerned.

“IGG takes this incident and the security of the personal information under its care very seriously. IGG acted quickly to investigate and respond to this incident, assess the security of its systems, and notify those potentially affected. In response to this incident, IGG has strengthened its network security policies and procedures,” the company said in its Friday statement.

“IGG accelerated the implementation of an enhanced managed security operations center, including the deployment of an endpoint detection and response platform in response to this event with policies enabled specifically for ransomware . IGG immediately reset passwords and employees with privileged access to sensitive systems were enrolled in our multi-factor authentication platform,” the statement added.

The company said it is also notifying potentially affected patients so they can take additional steps to protect their information.


Comments are closed.