BETHESDA, Md.--(BUSINESS WIRE)--Reznick Group, a top 20 national CPA firm, today announced that it has been informed by AssureCare Risk Management, Inc. (“ARM”), the former service provider of Reznick Group’s employee benefits plan from 2001-2006, that ARM has suffered a security breach of its computer server that may affect former and current Reznick Group employees and their spouse and/or dependents. Reznick Group previously contracted with Colonial Healthcare, Inc. (“CHC”) which has now been assumed by ARM.
Although this breach was not at all caused by, or the result of, any action or inaction by Reznick Group, the protection of personal information is of utmost importance to Reznick Group and it has taken the necessary precautions to safeguard the potentially impacted individuals.
ARM recently notified Reznick Group that on May 9, 2011 and May 10, 2011, unauthorized access by multiple external intruders was attempted successfully on ARM’s public cloud server. The ARM server contained personal information and protected health information relative to Reznick Group plan participants that ARM acquired while they were serving as the third party administrator. Such information included names, addresses, social security numbers, birth dates, and places of service – physician and hospital/facility names (linked with benefit payment information including type of service). The ARM server did not contain diagnosis information nor did it contain credit card information.
Reznick Group has notified the affected Reznick Group current and former employees and their spouses and dependents of the potential breach and has advised them to monitor all financial and health records. Reznick Group has offered a 12-month, three-bureau credit monitoring service at no cost to these individuals. Reznick Group has also advised the individuals affected to obtain a credit report, place a fraud alert, and /or place a security freeze on their credit report.
In addition, Reznick Group has filed a report with the U.S. Department of Health and Human Services as required by the Health Information Technology for Economic and Clinical Health (HITECH) Act.
ARM hired a computer forensic security investigation firm to review the incident. That firm was not able to find specific forensic evidence to establish if any of the data was copied, however, the unauthorized person(s) who had access to the server could have copied some or all of the data. The identity of the persons that conducted the unauthorized access is unknown. ARM has confirmed that the ARM server with the unauthorized access has been deactivated.
While Reznick Group has no evidence to suggest the information stored on the ARM Server has been misused, Reznick Group is, nevertheless, taking the above precautionary measures.
For the latest updates on any new information from the third party vendor, ARM, please visit ARM’s website at www.assurecare.com/security or call its toll-free number at 866-512-6897.
About Reznick Group
Reznick Group is a top 20 national public accounting firm providing accounting, tax and business advisory services to clients nationwide. The firm's industry experience includes affordable housing, financial services, renewable energy, non-profits, professional services, commercial real estate, and technology.