CyberSecurity updates
2025-02-25 23:03:33 Pacfic

American Addiction Centers Data Breach - 29d
Read more: www.maine.gov

American Addiction Centers, a substance abuse treatment provider, has confirmed a significant data breach impacting 422,424 individuals. The breach, which occurred in September, involved unauthorized access to internal servers, leading to the exfiltration of sensitive personal information. This incident was initially reported to have affected 410,747 people, but the total number of impacted individuals was later revised upwards. The compromised data includes names, birthdates, phone numbers, email addresses, Social Security numbers, medical record numbers, and health insurance details.

The breach is believed to be linked to the Rhysida ransomware operation, which claimed to have exfiltrated approximately 2.8 TB of data. Following unsuccessful extortion attempts, the ransomware group leaked much of the stolen data. American Addiction Centers has notified affected individuals and offered identity theft protection services through Transunion/CyberScout for 12 months, while also confirming that no payment card or treatment data were impacted in the attack.