Mom's Meals' parent company, PurFoods, discloses data breach
Mom’s Meals, a meal delivery service for individuals with chronic health conditions, has recently confirmed a significant data breach that has impacted more than 1.2 million people.
The breach notice, filed with the Maine attorney general, reveals that between January 16 and February 22, a cyberattack targeted Mom’s Meals, with its parent company
PurFoods revealed that certain files were encrypted as a result of the incident.
Indicators of data theft tools were also detected on the network, implying the possibility of ransomware involvement.
While the extent of data compromise is still being investigated, PurFoods admitted,
"We can’t rule out the possibility that data was taken from one of our file servers."
To address the breach, PurFoods enlisted the services of an external incident response firm.
Their investigation, concluded on July 10, confirmed that the affected files contained personal and protected health information of specific individuals.
The breach has affected a wide range of people, including recipients of Mom’s Meals packages, Medicare and Medicaid beneficiaries, self-paying members, and employees – both current and former.
The compromised information spans a vast array of sensitive data, such as names, Social Security numbers, financial details, medical records, health information, and more.
PurFoods commenced notifying impacted individuals on August 25. As per official records, approximately 1,237,681 individuals may have been affected by the breach.
The company has taken action by notifying law enforcement, as well as implementing enhanced security measures and employee training to prevent similar incidents in the future.
Steps for Safety and Precautions
Fortunately, PurFoods is offering those affected by the breach complimentary access to top-notch identity theft protection services through Kroll for the next 12 months. Impacted customers and employees will receive information regarding this service through email.
They can also consult PurFoods' data breach notification page for additional guidance, including steps like freezing their credit.
Considering the potential for phishing attacks and scams, affected parties are advised to exercise caution when interacting with emails, text messages, or phone calls from unknown sources. As hackers could exploit the acquired information, staying vigilant is crucial.
While a breach of this magnitude is concerning, it is reassuring to see that PurFoods is taking prompt and responsible action by providing affected individuals with free identity theft protection.