More than 1 million people may have had personal data compromised during a recent hacking of Zoll Medical’s systems.
That’s according to a notice that Zoll filed with the Main Attorney General, one of a number filed with federal and state agencies since the late January data breach.
Run out of Massachusetts, Zoll is an Asahi Kasei company. It makes a variety of advanced emergency care devices that provide defibrillation and cardiac monitoring, circulation enhancement and CPR feedback, supersaturated oxygen therapy, ventilation, and more.
According to an accompanying sample notice that Zoll sent to those affected, the company detected unusual activity on its internal network on Jan. 28. The company engaged in mitigation efforts, consulted with third-party cybersecurity experts, and notified law enforcement.
Within days, Zoll had determined that the data breach could have enabled hackers to gain access to customers’ personal health information — as well as their names, addresses, dates of birth, and Social Security numbers.
Zoll is providing complementary Experian IdentityWorks for 24 months for patients whose Social Security numbers were affected —and 36 months for current and former employees and their dependents.
This isn’t the first time that Zoll has suffered a data breach. More than four years ago, it experienced a data breach during an email server migration.