JFJ Eyecare, Ltd, d/b/a Quantum Vision Centers (“Quantum Vision Centers”) and Eye Surgery Center, LLC (“Eye Surgery Center”) are taking action after they became aware of an incident in which some of their systems were accessed by an unauthorized person. While there is no evidence that suggests that any data was actually taken, Quantum Vision Centers and Eye Surgery Center have mailed letters to individuals whose information may have been affected.
On April 18, 2019, Quantum Vision Centers and Eye Surgery Center became aware of an incident in which malware was introduced by an unauthorized person into some of their systems. The malware encrypted certain files, including on a server that contained patient protected health information. The types of affected data may include first and last name, date of birth, address, social security number, and information relating to health insurance coverage. There is currently no evidence that suggests this malware incident actually resulted in the acquisition of any personal information beyond its encryption, but that possibility cannot be conclusively ruled out.
What Quantum Vision Centers and Eye Surgery Center Are Doing
Quantum Vision Centers and Eye Surgery Center have taken steps to address this incident and to protect patients’ personal information from further unauthorized access, including by working diligently to contain the promulgation of the malware, and engaging a third-party forensics firm to investigate the scope and source of the incident. They also deployed back up measures to recover the data that had been encrypted by the malware and to ensure that the services to patients could continue with limited interruption. Quantum Vision Centers and Eye Surgery Center continue to work on ways to mitigate the risk of future such incidents. Out of an abundance of caution, they are providing patients that may have been affected by this incident with one year of credit monitoring services at no cost to them.
What Patients Can Do
Quantum Vision Centers and Eye Surgery Center encourages its patients to remain vigilant over the coming months and regularly review their bank and other financial account statements, as well as their credit report. Patients that have any reason to believe that they may be the victim of identity theft, or notice any suspicious activity on any of their accounts, should immediately notify the relevant institution, their local law enforcement agency, their state’s Attorney General, and the Federal Trade Commission.
JFJ Eyecare, Ltd, d/b/a Quantum Vision Centers
Eye Surgery Center, LLC