Economic analysis and litigation support firm Greylock McKinnon Associates, Inc. (GMA) is notifying over 340,000 individuals that their personal and medical information was compromised in a year-old data breach.
The incident was detected on May 30, 2023, but it took the firm roughly eight months to investigate and determine what type of information was compromised and to identify the impacted individuals.
According to GMA’s notification letter to the affected individuals, a copy of which was submitted to the Maine Attorney General’s Office, both personal and Medicare information was compromised in the data breach.
“Your personal and Medicare information was likely affected in this incident. This information may have included your name, date of birth, address, Medicare Health Insurance Claim Number (which contains a Social Security number associated with a member) and some medical information and/or health insurance information,” the notification letter reads.
The compromised data, GMA says, was obtained by the US Department of Justice “as part of a civil litigation matter”. More than 340,000 individuals were affected by the data breach, the company told the Maine AGO.
The impacted individuals, however, are “not the subject of this investigation or the associated litigation matters”, the company tells the affected individuals.
GMA also says that it notified law enforcement of the incident, consulted with third-party specialists to respond to and resolve the attack, and that it deleted DOJ data from its systems.
The consulting firm is offering complimentary access to credit monitoring services and proactive fraud assistance to the impacted individuals.
GMA provides economic analysis and litigation support in civil litigation matters. The firm works with both domestic and international clients, including Fortune 100 companies, small businesses, law firms, government agencies, and regulatory commissions.
Related: US Cancer Center Data Breach Impacting 800,000