Business
Tandem Diabetes Care Announces Security Incident with Five Employee Email Accounts
SAN DIEGO--(BUSINESS WIRE)-- Tandem Diabetes Care, Inc. (NASDAQ: TNDM) today announced that it will be notifying its customers of an information security
About this update from Tandem Diabetes Care, Inc.
[{"type":"text","content":" SAN DIEGO--(BUSINESS WIRE)--\nTandem Diabetes Care, Inc. (NASDAQ: TNDM) today announced that it will be notifying its customers of an information security incident involving five Tandem employee email accounts.\n\n\nOn January 17, 2020, the Company learned that an unauthorized user gained access to an employee’s email account through a “phishing” incident. The Company immediately secured the account and began an investigation, utilizing the expertise of a leading cyber security firm. The investigation determined that a limited number of Company employee email accounts may have been accessed by the unauthorized user between January 17, 2020 and January 20, 2020. The investigation determined that some customer information was contained within these email accounts, including customer contact information, information related to the use of Tandem’s products or services, and/or clinical data regarding customer diabetes therapy, and in some very limited instances, customer Social Security numbers.\n\n\nThe Company has no indication that any customer information was accessed by the unauthorized user and there has been no indication that any customer information has been misused. In an abundance of caution, the Company will begin mailing letters to affected customers explaining the incident on March 17, 2020. The Company recommends that customers review billing statements from their healthcare providers and contact the provider if they are asked to pay for services not received. For those customers whose Social Security numbers were involved, the Company is offering a complimentary membership of credit monitoring and identity protection services.\n\n\n“We take the protection of our customer data very seriously, and regrettably, we did not meet the high standard we set to prevent this type of phishing attack from occurring,” said John Sheridan, president and chief executive officer. “We apologize this incident took place and are continuing to invest in cyber security and data protection safeguards. In addition, we are implementing additional email security controls and strengthening our user authorization and authentication processes.”\n\n\nExpenses associated with this incident, as well as additional security measures taken by the Company, are expected to be within its previously announced financial operating plans.\n\n\nCustomers impac...