American Addiction Centers, a prominent rehabilitation organization in Brentwood, Tennessee, recently experienced a significant data breach affecting the personal information of 410,747 current and past patients.

Details of the Breach

In response to inquiries, the Maine Attorney General received notification letters confirming the breach compromised sensitive data—including names, contact information, birth dates, medical record numbers, Social Security numbers, and health insurance details. Financial and treatment information appears to have been unaffected.

Scope of the Impact

The breach impacted data from American Addiction Centers and its affiliated entities, including AdCare (MA & RI), the Greenhouse (TX), Desert Hope Center (NV), Oxford Treatment Center (MS), Recovery First (FL), Sunrise House (NJ), River Oaks Treatment Center (FL), and Laguna Treatment Hospital (CA).

Incident Timeline

The attack was discovered around September 26, 2024. A subsequent probe revealed that unauthorized access occurred from September 23 to 24, 2024, during which sensitive patient files were exfiltrated.

Immediate Actions

American Addiction Centers engaged external cybersecurity experts to assess the situation immediately and informed law enforcement. Measures were already in place before the breach, and additional security protocols are planned to further protect patient data.

Notifications

Affected individuals were informed via mail on December 23, 2024. As a precaution, victims were offered a year of complimentary credit monitoring and related financial protection services.

Perpetrators

Although the notification did not identify the attackers, the Rhysida ransomware group took responsibility. Known for targeting healthcare institutions, Rhysida has executed attacks on Prospect Medical, Lurie Children’s Hospital, and Axis Health System.

Data Leakage

After failing to sell the stolen 2.8 TB of data, Rhysida published it on their data leak site. Affected individuals are urged to activate the provided credit protection services promptly and vigilantly monitor their financial activities. The swift identification and containment of the breach, coupled with ongoing enhancements to security, highlight the critical nature of robust cybersecurity in healthcare sectors.

The link has been copied!