Rainbow Dental Care, Company logo.
new facebook logo-blue twitter logo-blue download

Notice of Data Breach

 

Rainbow Dental Care, PLLC (“Rainbow”) takes the privacy and security of its patients’ information very seriously. We are advising our patients that a security breach occurred last year. Patients should review the information provided in this notice for steps they can take to protect themselves.

 

What Happened

 

Rainbow suffered a ransomware attack to information in its server on or around Monday, February 3, 2019. The attack was discovered on February 4, 2019. Upon further investigation, Rainbow did not find evidence that data or information was removed from the server as a result of the attack. Also, Rainbow is not aware of any patient information being used in an inappropriate manner. However, out of abundance of caution, Rainbow is notifying all potentially affected patients about this incident.

 

What Information Was Involved

 

The information on the server included the patients’ full name, address, telephone number, date of birth, age, Social Security number, insurance information, and dental records. Financial and credit card information was not affected by this incident.

 

What We Are Doing

 

Rainbow immediately segregated the affected server, upgraded its hardware and software, and identified and corrected the vulnerability. No unauthorized activity has occurred since implementing these changes. Federal agencies were notified about the incident, and the ransom was not paid. Rainbow continues to evaluate its security to prevent this kind of incident from occurring again.

 

Rainbow also is offering patients free credit monitoring services through MyIDCare, which includes 12 months of CyberScan monitoring, a $1,000,000 insurance reimbursement policy, and fully managed identity theft recovery services.

 

What You Can Do

 

Patients should review the information about identity theft prevention, which is located below. Also, we encourage patients to enroll, free-of-charge, in MyIDCare services by calling free (833) 968-1678 or go to https://ide.myidcare.com/rainbow-protect. Please note the deadline to enroll is June 30, 2020.

 

For More Information

 

For more information please call toll free (833) 968-1678 or go to https://ide.myidcare.com/rainbow-protect

 

Information about Identity Theft Protection

 

1. Website and Enrollment. Visit https://ide.myidcare.com/rainbow-protect or call (833) 968-1678.

 

2. Activate the credit monitoring provided as part of each patient’s MyIDCare membership. The monitoring included in the membership must be activated to be effective. Note: You must have established credit and access to a computer and the internet to use this service. If you need assistance, MyIDCare will be able to assist you.

 

3. Telephone. Contact MyIDCare at (833) 968-1678 to gain additional information about this event and speak with knowledgeable representatives about the appropriate steps to take to protect your credit identity.

 

4. Review your credit reports. Remain vigilant by reviewing account statements and monitoring credit reports. Under federal law, you are entitled every 12 months to one free copy of your credit report from each of the three major credit reporting companies. To obtain a free annual credit report, go to www.annualcreditreport.com or call 1-877-322-8228. You may wish to stagger your requests so that you receive a free report by one of the three credit bureaus every four months.

 

If you discover any suspicious items and have enrolled in MyIDCare, notify MyIDCare immediately by calling or by logging into the MyIDCare website and filing a request for help.

 

If you file a request for help or report suspicious activity, you will be contacted by a member of the ID Care team who will help you determine the cause of the suspicious items. In the unlikely event that you fall victim to identity theft as a consequence of this incident, you will be assigned an ID Care Specialist who will work on your behalf to identify, stop and reverse the damage quickly.

 

5. Place Fraud Alerts with the three credit bureaus. If you choose to place a fraud alert, we recommend you do this after activating your ID Experts credit monitoring. You can place a fraud alert at one of the three major credit bureaus by phone and also via Experian’s or Equifax’s website. A fraud alert tells creditors to follow certain procedures, including contacting you, before they open any new accounts or change your existing accounts. For that reason, placing a fraud alert can protect you, but also may delay you when you seek to obtain credit. The contact information for all three bureaus is as follows:

 

Credit Bureaus

 

Equifax Fraud Reporting

1-866-349-5191

P.O. Box 105069

Atlanta, GA 30348-5069

www.equifax.com

 

Experian Fraud Reporting

1-888-397-3742

P.O. Box 9554

Allen, TX 75013

www.experian.com

 

TransUnion Fraud Reporting

1-800-680-7289

P.O. Box 2000

Chester, PA 19022-2000

www.transunion.com

 

It is necessary to contact only ONE of these bureaus and use only ONE of these methods. As soon as one of the three bureaus confirms your fraud alert, the others are notified to place alerts on their records as well. You will receive confirmation letters in the mail and will then be able to order all three credit reports, free of charge, for your review. An initial fraud alert will last for one year. Please Note: No one is allowed to place a fraud alert on your credit report except you.

 

6. Security Freeze. By placing a security freeze, someone who fraudulently acquires your personal identifying information will not be able to use that information to open new accounts or borrow money in your name. You will need to contact the three national credit reporting bureaus listed above to place the freeze. Keep in mind that when you place the freeze, you will not be able to borrow money, obtain instant credit, or get a new credit card until you temporarily lift or permanently remove the freeze. There is no cost to freeze or unfreeze your credit files.

 

7. You can obtain additional information about the steps you can take to avoid identity theft from the following agencies. The Federal Trade Commission also encourages those who discover that their information has been misused to file a complaint with them.

 

Federal Trade Commission, Consumer Response Center, 600 Pennsylvania Avenue, NW Washington, DC 20580, 1-877-IDTHEFT (438-4338), www.ftc.gov/idtheft

 

California Residents: Visit the California Office of Privacy Protection (www.oag.ca.gov/privacy) for additional information on protection against identity theft.

 

Kentucky Residents: Office of the Attorney General of Kentucky, 700 Capitol Avenue, Suite 118 Frankfort, Kentucky 40601, www.ag.ky.gov, Telephone: 1-502-696-5300.

 

Maryland Residents: Office of the Attorney General of Maryland, Consumer Protection Division 200 St. Paul Place Baltimore, MD 21202, www.oag.state.md.us/Consumer, Telephone: 1-888-743-0023.

 

New Mexico Residents: You have rights pursuant to the Fair Credit Reporting Act, such as the right to be told if information in your credit file has been used against you, the right to know what is in your credit file, the right to ask for your credit score, and the right to dispute incomplete or inaccurate information.  Further, pursuant to the Fair Credit Reporting Act, the consumer reporting agencies must correct or delete inaccurate, incomplete, or unverifiable information; consumer reporting agencies may not report outdated negative information; access to your file is limited; you must give your consent for credit reports to be provided to employers; you may limit “prescreened” offers of credit and insurance you get based on information in your credit report; and you may seek damages from a violator. You may have additional rights under the Fair Credit Reporting Act not summarized here. Identity theft victims and active duty military personnel have specific additional rights pursuant to the Fair Credit Reporting Act.  You can review your rights pursuant to the Fair Credit Reporting Act by visiting www.consumerfinance.gov/f/201504_cfpb_summary_your-rights-under-fcra.pdf, or by writing Consumer Response Center, Room 130-A, Federal Trade Commission, 600 Pennsylvania Ave. N.W., Washington, D.C. 20580.

 

New York Residents: the Attorney General may be contacted at: Office of the Attorney General, The Capitol, Albany, NY 12224-0341; 1-800-771-7755; https://ag.ny.gov/.

 

North Carolina Residents: Office of the Attorney General of North Carolina, 9001 Mail Service Center

Raleigh, NC 27699-9001, www.ncdoj.gov, Telephone: 1-919-716-6400.

 

Oregon Residents: Oregon Department of Justice, 1162 Court Street NE, Salem, OR 97301-4096, www.doj.state.or.us/, Telephone: 877-877-9392

 

Rhode Island Residents: Office of the Attorney General, 150 South Main Street, Providence, Rhode Island 02903, www.riag.ri.gov, Telephone: 401-274-4400

 

All US Residents: Identity Theft Clearinghouse, Federal Trade Commission, 600 Pennsylvania Avenue, NW Washington, DC 20580, www.consumer.gov/idtheft, 1-877-IDTHEFT (438-4338), TTY: 1-866-653-4261.