It appears that SIU was impacted by the Accellion breach that has been in the tidings a set this past month. SIU is the first entity, however, to disclose that the incident impacted protected health info (PHI), although as DataBreaches.net reported, this site found what might be PHI in Jones Day’s dumped data. SIU does not appear on the clop threat actors’ dedicated leak site at the time of this publication. Here is SIU’s notification: The Southern il University school of Medicine, (SIU) is providing note pursuant to 815 ILCS 530/25 in connection with an incident that may have involved the personal information of certain Illinois residents. This mark will live supplemented, if necessary, with any new significant facts discovered subsequent to its submission. while SIU is notifying you of this incident, SIU does not forego any rights or defenses relating to the incident or this notice. NATURE OF THE INCIDENT AND corrective ACTIONS TAKEN SIU recently discovered that an unknown, unauthorized third party may have accessed an electronic file change service utilized by SIU for short periods of time on December 24, 2020, january 20, 2021, and January 21, 2021. Upon discovering the incident, SIU began an investigation, notified law enforcement, and has since shut down access to the service. Additionally, SIU engaged a forensic security firm to conduct an investigation of the incident and support the surety of SIUs network. On February 22, 2021, the forensic investigation confirmed that unauthorized access to the service occurred. SIU searched the documents for any personal information or protected health information. SIU determined that the documents contained personal info for certain individuals, including, depending on the individual, their name, engagement of birth, Social security number, drivers license number, medical treatment information, and medical insurance information. SIU is working to notify individuals and state and federal regulators as quickly as possible in accordance with state and federal law. SIU will arrange for complimentary identity theft protection services for those individuals whose Social Security numbers and/or drivers permission numbers were involved in the incident. If SIU determines the identity of the player who accessed SIUs system, SIU will notify the General assemblage in accordance with 815 ILCS 530/12(f). SIU is taking steps to reduce the risk of this type of incident occurring in the future, including terminating the utilize of this particular service. Please doh not hesitate to impinging me if you make any questions or if I can provide you with any further information concerning this matter. Very truly yours, Kate Cohen, JD, CHC, CHRC Chief Compliance policeman SIU school of medicine AFFECTED INDIVIDUALS If you have questions or are concerned that your information may experience been compromised, please call 855-908-1736. someone will be available to take your call Monday-Friday, 8 a.m.-5 p.m. FREQUENTLY ASKED QUESTIONS What happened? We recently discovered that an unknown, unauthorized third party may have accessed documents stored in an electronic file transpose service used by SIU Medicine. Upon discovering the incident, SIU began an investigation, and has since shut down access to the service. Additionally, SIU engaged a forensic security firm to direct an investigation of the incident. We have no intellect to believe that any personal information has been misused for the purpose of committing fraudulence or identity theft. Nevertheless, as component of our investigation, we searched for any personal information in the potentially accessed documents and we are notifying those individuals whose personal info was identified. Who did this? We doh not cognize the identity of the individual or individuals responsible for this incident. How fare i know if my information was affected? Individuals whose information was affected by this incident have already or will be notified by SIU. The notification will limit what information may have been included in the potentially accessed documents. If you believe your information may have been affected by this incident or have questions about the incident, please telephone 855-908-1736.