SETTLEMENT AGREEMENTSettlement Agreement • January 30th, 2023
Contract Type FiledJanuary 30th, 2023On or about October 22, 2021, Illinois Gastroenterology Group, P.L.L.C. (“IGG” or “Defendant”) discovered a cybersecurity disruption on its computer network. IGG launched an investigation, with the assistance of third-party cybersecurity specialists, to determine the nature and scope of the event. On or about November 18, 2021, the investigation determined that an unauthorized third-party cybercriminal gained access to IGG’s systems, and that information contained in those systems may have been compromised by the third-party threat actor. On or about March 22, 2022, IGG determined that the personally identifiable information (defined below), protected health information (defined below), and protected biometric information (defined below) of 227,943 individuals that it maintained on its systems may have been compromised in the Data Breach (as defined herein). On April 22, 2022, IGG reported to the Department of Health and Human Services that 227,943 individuals’ information had been com