Menu

Notice of Data Security Incident

Smith, Gambrell & Russell, LLP (“SGR”) is notifying individuals of a data security incident that may have impacted their information. SGR is a law firm that provides services to primarily corporate clients and, in that capacity, may have been provided with personal information in the performance of services for the company identified below (the “Company”). SGR takes the privacy and security of all information seriously, and sincerely apologize for any concern or inconvenience this incident may cause impacted individuals.

What happened?

On January 28, 2024, SGR identified suspicious activity associated with part of its IT systems. SGR immediately implemented its incident response protocols, contacted law enforcement, and hired external computer forensic specialists and other consultants to address the incident and to investigate what occurred and what data may have been impacted. The investigation revealed there was unauthorized access to some documents on our system. SGR hired a vendor to review the impacted documents to identify any personal information. This review was recently completed. SGR informed the Company of the incident and worked with them to notify impacted individuals. SGR has no indication that any information was misused and is providing notice out of an abundance of caution.

What information was involved?

From the review, it appears that the impacted documents may have included individuals’ names, and some combination of the following: addresses, Social Security numbers, driver’s license numbers, government IDs, medical information such as treatment, diagnosis and medical history.

What SGR is doing and what you can do:

SGR has taken steps to prevent a similar incident from happening in the future. Since the incident, SGR deployed enhanced endpoint monitoring software, performed a global password reset, and implemented additional security controls. SGR also notified and is cooperating with law enforcement.

Impacted individuals should review credit reports, bank account and other financial statements, and immediately contact their financial institution if they identify suspicious activity. Individuals can find more information about protecting their identity from the Federal Trade Commission’s website: consumer.ftc.gov/features/identity-theft. In addition, SGR is offering credit monitoring and identity theft protection services through IDX.

Individuals should contact 888-844-6986 Monday through Friday from 9 am – 9 pm Eastern Time with any questions or to find out if they are eligible to enroll in the credit monitoring services.

SGR and the Company take very seriously the need to protect the privacy and security of all information in their respective care, and deeply regret any inconvenience or concern that this matter may cause.

Company: Fady Wanna, MD

Share via
Copy link
Powered by Social Snap