TUCKAHOE, N.Y., Sept. 25, 2020 /PRNewswire/ -- Century
Specialty Script, LLC ("Century"), a specialty pharmacy which
provides an array of specific and personalized services in all
pharmacy related matters, announced today that it has taken action
after learning of a data security incident which may have
compromised the personal information and/or protected health
information of its customers. Century began providing notice
to all potentially impacted individuals on September 25, 2020.
What Happened? On or about July
28, 2020, Century became aware of a potential data security
incident involving unauthorized access to one of its employees'
Microsoft Office365 ("O365") email accounts. Century
immediately changed all passwords associated with the O365 account,
thereby terminating any potential unauthorized access. In an
abundance of caution, Century also changed all of its employees'
O365 passwords and implemented additional security measures to
prevent any similar incidents from occurring in the future, in
addition to the comprehensive security measures already in
place. Century simultaneously retained a forensic
investigation firm to determine the nature of the security incident
and identify any individuals whose personal information and/or
protected health information may have been compromised.
What Information Was Involved? Ultimately, while the
forensic investigation was unable to determine the dates of the
compromise, the investigation concluded that the data security
incident was limited to potential unauthorized access to a single
O365 account, and that any potential unauthorized access was
terminated on July 28, 2020.
The investigation also confirmed that the data security incident
was limited to the O365 environment. The data security
incident may have resulted in unauthorized access to
Century's customers' information including names, dates of birth,
address, contact information, prescription information, and
insurance information. Please note that financial information
and Social Security numbers were not impacted by this incident.
What Is Century Doing? As stated above, immediately upon
learning of potential unauthorized access, Century undertook
efforts to eliminate any potential unauthorized access by changing
all passwords associated with all of its O365 accounts and
implementing additional security measures to prevent any similar
incidents from occurring in the future, in addition to the
comprehensive security measures already in place. Century is
continuing to work closely with leading security experts to
identify and implement measures to further strengthen the security
of their systems to help prevent this from happening in the
future.
What Can Customers Do? Century is aware of how
important personal information and protected health information is
to its customers and their loved ones. Century began mailing
notification on September 25, 2020 to
all potentially impacted customers for whom Century had valid
mailing addresses. Century anticipates that it will take five
days for individuals to receive this notification letter. If
an individual does not receive a letter, but would like to know if
he or she was potentially impacted by this incident, or if an
individual has any questions or would like additional information,
they may call Century's dedicated assistance line at (888)
490-0906, Monday through Friday, 9:00 a.m.
to 9:00 p.m. Eastern Standard Time.
View original
content:http://www.prnewswire.com/news-releases/century-specialty-script-llc-notification-of-data-security-incident-301138448.html
SOURCE Century Specialty Script, LLC