Posted On May 17, 2022 Consumer Privacy & Data Breaches
May 17, 2022 – Behavioral Health Partners Metrowest (“BHPMW”) reported a data breach after the company was targeted in a recent cybersecurity attack. As a result of the breach, the Social Security Numbers, date of birth, medical/health insurance information, along with other information of certain individuals was compromised. The Behavioral Health Partners Metrowest data breach is believed to have impacted as many as 11,288 individuals. On May 11, 2022, Behavioral Health Partners of Metrowest sent out data breach letters to those individuals whose information was affected by the breach.
The data breach lawyers at Console & Associates, P.C. are going to begin interviewing victims of the breach to determine what damages they sustained and what legal claims may be available to them. If you recently received a NOTICE OF DATA BREACH from Behavioral Health Partners of Metrowest, contact us at (866) 778-5500 to discuss your legal options, or submit a confidential contact form, for a free case evaluation.
Below is a portion of the letter that Behavioral Health Partners of Metrowest sent to individuals affected by the data breach:
Dear <<FIRST NAME>> <<LAST NAME>>,
Behavioral Health Partners of MetroWest (“BHPMW”) is writing to inform you of a recent data security incident that may have involved your personal information. BHPMW operates a Behavioral Health Community Partner Program under contract with MassHealth and in collaboration with five provider agencies – Advocates, Family Continuity, SMOC, Spectrum Health Systems, and Wayside Youth and Family Support. Your information may have been shared with BHPMW in connection with your participation in the <<ACO>> plan. At BHPMW, we take the privacy and security of all of information in our possession very seriously. We want to notify you of the incident, provide you with steps you can take to help protect your personal information, and offer you complimentary credit monitoring and identity protection services.
What Happened? On October 1, 2021, BHPMW discovered it was the victim of a sophisticated cybersecurity attack affecting the BHPMW network. Upon discovering this activity, we took steps to secure our digital environment. We also engaged a leading cybersecurity firm to assist with an investigation to determine whether personal information may have been accessed or acquired without authorization in conjunction with the attack. The investigation revealed that an unknown actor gained access to and obtained certain data from the BHPMW network between September 14, 2021 and September 18, 2021. On April 5, 2022, we determined that some of your personal information may have been involved in this incident.
What Information Was Involved? The information that may have been impacted includes your name, Social Security Number, date of birth, medical information, health insurance information, and other information.
What Are We Doing? As soon as we discovered this incident, we took the steps referenced above. We also implemented additional security features to reduce the risk of a similar incident occurring in the future. We also notified the Federal Bureau of Investigation and will provide whatever cooperation is necessary to hold the perpetrators accountable, if possible. We are further notifying you of this event and advising you about steps you can take to help protect your information. In addition, out of an abundance of caution, we are offering you complimentary credit monitoring and identity protection services for 24 months through IDX, a national leader in identity theft protection. IDX’s services include 24 months of credit monitoring, CyberScan dark web monitoring, a $1 million identity fraud loss reimbursement policy, and fully managed identity theft recovery services. With this protection, IDX will help you resolve issues if your identity is compromised.
