**From Press Release**
A company that provides research support and services to Berkeley Medical Center reports there has been a data breach.
An announcement from Westat, Inc. on Friday revealed a recent data privacy incident “May impact the privacy of some personal and/or medical information collected from Berkeley Medical
Center.”
Westat is unaware of any misuse of individual information but made the announcement “out of an
abundance of caution.”
Westat utilized MOVEit Transfer (“MOVEit”) third-party software to manage data it collected and/or
maintained on behalf of other organizations. On May 30, 2023, Westat detected unusual activity occurring
in its MOVEit instance. The following day MOVEit announced a vulnerability that had impacted
a large number of companies across various industries.
Specifically, data stored on the MOVEit server may have been copied without
authorization between May 28 and May 29, 2023.
Westat says it immediately took steps to ensure the security
of its environment, and with the assistance of third-party forensic specialists, conducted an investigation to
determine the nature and scope of the activity.
The review confirmed that certain information belonging to medical providers was present in the impacted data, and was accessed or
acquired during the MOVEit incident.
The types of personal information that may have been copied by the unauthorized actor include: medical
record number/identifier, date of birth, date and/or time of service, zip code, and condition or disposition.
Westat says it is notifying impacted medical providers and individuals
at the direction of certain impacted medical providers.
Any suspicious activity should be reported to the appropriate insurance company, health care provider, or financial institution.
Individuals seeking additional information regarding this incident can call Westat’s dedicated, toll-free
number at 1-888-566-8328, 9 am – 9 pm Eastern Time, Monday through Friday.
