(Indianapolis, IN) – The Indiana Attorney General's Office is going after a health care provider following a massive data breach that exposed Hoosiers to identity theft.
Apria is a provider of home medical equipment and related services throughout the United States. In September 2021, the FBI notified Apria that unauthorized third parties may have access to the company's systems. The intruders accessed millions of documents containing personal information. In addition to her employee email accounts, at least 42,000 Hoosiers were compromised. 1.8 million people were affected nationwide.
According to the Attorney General's Office, this unwanted third party has access to personal information such as social security numbers, birth certificates, credit and debit card information, medical history, addresses, and other identifiable data. I did.
“Patients should always be able to trust their health care providers,” said Attorney General Todd Rokita. “All Hoosier patients have the right to privacy, especially when it comes to their health care.”
The attorney general's lawsuit includes five complaints relating to various data security violations. The suit alleges that Apria failed to protect data and failed to notify customers more than a year and a half after suffering multiple security breaches.