Skip to Content (custom)

results

Epiq Supports Large Healthcare Provider with Breach Response after MOVEit Attack, Assists 2 million Impacted Patients within 5 Days

  • Case Study
  • General

Client Need

When a large healthcare provider experienced a MOVEit transfer attack, their forensic investigation provider determined that sensitive information of 2 million+ patients had been breached. Epiq was contacted by the organization, their insurer, and breach coach for support to immediately assess the impact of the breach and implement a response program within 5 business days.
 

Epiq solution

Epiq’s Cyber Incident Response team quickly launched a multi-faceted breach response program:

  • Incident identification: Validated the MOVEit attack and exfiltration of data with client’s forensic investigation provider.
  • Project management: Assigned a designated incident response project manager to guide the client through every stage and coordinate communication across all parties.
  • Data Review: Reviewed data to determine more than 2 million contacts had been impacted and would require notification, call center support, and monitoring.
  • Data Mining: The nature of the affected files required a manageable level of data mining within a short time frame.
  • Notification: More than 2 million contacts had been affected and required notification, call center support, and monitoring. While Epiq’s print and mail capacity is 2 million+ letters per day, in this case the client opted to send the letters out over the course of a week for a more even flow of incoming calls to the call center.
  • Call Center: Epiq’s 1,000+ highly-trained agents expertly managed a high volume of steadily incoming calls on an ongoing basis.
  • Credit Monitoring: Epiq offered several credit monitoring options including a new Medical Records monitoring solution which goes beyond traditional monitoring.
     

results and benefits

  • A complete notification, call center, credit monitoring and servicing program was in place for the client company within 5 days.
  • The notification letters to patients were seamlessly distributed quickly and accurately.
  • 90% of calls from concerned patients were answered within 3 minutes.
  • The client company enjoyed significant cost savings attributed to the pre-paid credit monitoring bulk purchase model.
  • The client company met and exceeded regulatory requirements and provided patients with the highest level of quality customer care.

 

Learn more about our Cyber Breach Notification Services