Data Breach at American Addiction Centers Exposes Personal Information of Over 422,000 Individuals

VPN
data breach
0


American Addiction Centers (AAC), a leading provider of substance abuse treatment services across multiple U.S. states, has reported a significant data breach compromising the personal information of more than 422,000 individuals.

Source: SecurityWeek

Incident Overview

The breach was detected on September 26, 2024, when AAC identified unauthorized access to its computer network. Investigations revealed that attackers had infiltrated the system between September 23 and September 26, during which they exfiltrated sensitive data.

Source: JD Supra

Compromised Information

The exposed data includes:

  • Names
  • Addresses
  • Phone numbers
  • Dates of birth
  • Social Security numbers
  • Health insurance information

Notably, AAC has stated that financial information and details of medical treatments were not compromised in the breach.

Source: HIPAA Journal

Perpetrators and Data Exposure

The Rhysida ransomware group has claimed responsibility for the attack. After unsuccessful extortion attempts, the group reportedly leaked approximately 2.8 terabytes of data stolen from AAC’s systems.

Source: SC World

AAC’s Response and Legal Actions

In response to the breach, AAC has begun notifying affected individuals and is offering complimentary credit monitoring services to mitigate potential risks. Additionally, the organization is facing legal scrutiny, with investigations underway regarding potential violations of federal health privacy laws due to the failure to protect patient data.

Source: Bloomberg Law

Recommendations for Affected Individuals

Those impacted by the breach are advised to:

  • Monitor financial accounts and credit reports for any unusual activity.
  • Consider placing fraud alerts or credit freezes to prevent unauthorized credit applications.
  • Be vigilant for phishing attempts or suspicious communications that may arise from the exposed personal information.

About Rhysida Ransomware Group

Active since May 2023, the Rhysida ransomware group has targeted various sectors, including healthcare, education, and manufacturing. Their modus operandi involves encrypting victim data and demanding ransoms, with a propensity to leak stolen data if their demands are unmet.

Source: Ransomware Live

Conclusion

This incident underscores the critical importance of robust cybersecurity measures, especially within healthcare organizations handling sensitive personal information. Affected individuals should take proactive steps to safeguard their personal data, while organizations must continually assess and enhance their security protocols to prevent such breaches.



Source link

[wp-stealth-ads rows="2" mobile-rows="2"]
You might also like
VPN

Personal Information of 66,700 Customers Allegedly Exposed

VPN

TorGuard Private Cloud Review – Better than Normal VPN? Pros / Cons

VPN

Volkswagen Data Breach Exposes Sensitive Information of 800K Electric Vehicle Owners

VPN

How To Use Proton VPN in 2023 | Step-by-Step Tutorial For Beginner