According to a press release, Personal Touch, a home health company located on Long Island, has reached a settlement with New York Attorney General Letitia James for $350,000 for a data breach that occurred in January of 2021 when a Personal Touch employee “opened a malware-infected file attached to a phishing email that allowed a hacker to gain access to Personal Touch’s network and collect patient and employee records from an unencrypted server.”

The incident compromised the personal information, including names, Social Security numbers and health information of 316,845 New Yorkers. In addition to the settlement, Personal Touch has to offer affected consumers with free identity theft protection and recovery services and to enhance its information security program.