Cyber Attack at US Mental Health Services Provider Exposes Sensitive Info of Over 290,000 Individuals
Attackers stole protected health information (PHI) and personally identifiable information (PII) of 295,617 patients of Colorado Springs-based mental healthcare provider AspenPointe in a data breach, the company said.
According to a letter sent to victims, the criminals gained access to the organization’s network in September 2020.
“We recently discovered unauthorized access to our network occurred between September 12, 2020 and approximately September 22, 2020,” the letter reads. “We immediately launched an investigation in consultation with outside cybersecurity professionals who regularly investigate and analyze these types of situations to analyze the extent of any compromise of the information on our network.”
Following the investigation, which ended November 10, AspenPointe claims that the attackers exfiltrated highly sensitive patients’ data, including full names, date of birth, Social security numbers, Medicaid ID numbers, last visit dates, admission dates, discharge dates and diagnosis codes.
Although AspenPointe is “not aware of any reports of identity fraud or improper use of your information as a direct result of this incident,” patients are advised to place fraud alerts or a security freeze on their credit files and closely review their financial account statements for fraud.
The data breach has also forced AspenPointe to implement immediate password changes, additional endpoint protection, increased monitoring and firewall changes to their network.
“We continually evaluate and modify our practices and internal controls to enhance the security and privacy of your personal information,” AspenPointe added.
Additionally, the nonprofit organization said it will provide free 12-month identity-theft protection service for all impacted individuals, including credit monitoring and a $1 million insurance reimbursement policy. The data breach could have a serious psychological and financial impact on victims. Cyber thieves may use stolen healthcare records to make fake medical claims and steal insurance, attempt extortion by researching the victims or opening new credit lines using Social Security numbers and names.
Check now if your personal info has been stolen or made public on the internet, with Bitdefender”s Digital Identity Protection tool.
Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside
June 28, 2022
Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online
June 28, 2022
Bitdefender Reveals the Top Cyber Threats Faced by Consumers in 2021
June 22, 2022
Scam alert: Cybercrooks use shady investment domain to scam keen investors out of money and data
May 24, 2022
John Oliver Shows the Dark Side of Data Brokerage on Last Week Tonight
April 15, 2022
Bitdefender Labs Warns of Phishing Scams Targeting MetaMask Users
April 14, 2022