Solara Medical Supplies Notifying Individuals Affected by Data Breach

Solara Medical Supplies, LLC ("Solara") revealed that it's in the process of notifying individuals potentially affected by a data breach. On November 13, Solara stated that it had learned of a security incident back in late-June 2019. The medical supplies provider said that an unknown actor used a phishing attack to access some of its employees' Office 365 accounts between April 2 and June 20. With the help of third-party forensics experts, Solara launched a comprehensive investigation into the incident to determine what information resided in the affected employees' Office 365 accounts at the time of compromise. This investigation revealed that the incident might have exposed some individuals' personal information including their name, address, Social Security Number, medical data, health insurance details, Medicare ID and payment card credentials. Solara said that its concern for data security played a large role in informing its response. As quoted in a statement shared by PRNewswire:

Solara moved quickly to investigate and respond to this incident, assess the security of relevant Solara systems, and notify potentially affected individuals. This response included resetting relevant account passwords and reviewing and enhancing existing Solara policies and procedures to reduce the likelihood of a similar future event.

The company revealed that it's offering complimentary access to credit monitoring and identity protection services at no cost to those whose information might have been exposed. It's also urging those individuals to carefully monitor their credit reports and account statements for signs of suspicious activity that could be indicative of identity theft. The incident involving Solara Medical Supplies should serve as a reminder to all organizations to strengthen their email security. One way they can do this is by leveraging security awareness training to educate their employees about some of the most common types of phishing attacks. This resource can lay the foundation for organizations' ongoing training efforts.