Nearly half a million people had data stolen after cyberattack on American Addiction Centers

Avatar

A September ransomware attack on American Addiction Centers exposed the sensitive healthcare information of more than 400,000 people. 

The company began mailing out breach notification letters ahead of the Christmas holiday, warning 422,424 people that Social Security numbers and health insurance information were among the data leaked during the attack. 

The company runs a network of addiction rehab facilities across California, Florida, Texas, Nevada, Massachusetts, Mississippi, New Jersey and Rhode Island. 

A spokesperson did not respond to requests for comment about whether it was a ransomware attack. The Rhysida ransomware gang — known for several other attacks on healthcare networks in the U.S. — claimed to have attacked American Addiction Centers on November 16. 

The attack was discovered on September 26 when AAC said it “learned it was experiencing a cybersecurity incident.” After notifying law enforcement and hiring experts, an investigation revealed that the hackers had stolen troves of data between September 23 and 26. 

A recent review outlined the data stolen from customers, which includes names, addresses, phone numbers, medical record numbers and more. Payment card data and treatment information were not included in the breach. 

The company also filed breach notices in Texas, where more than 26,000 people were impacted, as well as California

The Rhysida ransomware has targeted other major healthcare operations in the past, attacking a large U.S. hospital network last year and in February shutting down a children’s hospital in Chicago. 

The ransomware-as-a-service operation caused nearly unparalleled damage throughout 2024 with large-scale attacks on the cities of Seattle and Columbus, Ohio that had significant real-world impact. In October the group tried to extort $1.3 million from disability nonprofit Easterseals.

CybercrimeNewsNews BriefsPrivacy
Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Jonathan Greig

is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.

 

Total
0
Shares
Previous Post

FBI attributes largest crypto hack of 2024 to North Korea’s TraderTraitor

Next Post

Brazilian Hacker Charged for Extorting $3.2M in Bitcoin After Breaching 300,000 Accounts

Related Posts

PyPI Python Library “aiocpa” Found Exfiltrating Crypto Keys via Telegram Bot

The administrators of the Python Package Index (PyPI) repository have quarantined the package "aiocpa" following a new update that included malicious code to exfiltrate private keys via Telegram. The package in question is described as a synchronous and asynchronous Crypto Pay API client. The package, originally released in September 2024, has been downloaded 12,100 times to date. By putting the
Avatar
Read More

Europol Dismantles Criminal Messaging Service MATRIX in Major Global Takedown

Europol on Tuesday announced the takedown of an invite-only encrypted messaging service called MATRIX that's created by criminals for criminal purposes. The joint operation, conducted by French and Dutch authorities under the moniker Passionflower, comes in the aftermath of an investigation that was launched in 2021 after the messaging service was discovered on the phone of a criminal convicted
Avatar
Read More