Posted On August 8, 2022 Consumer Privacy & Data Breaches
On August 5, 2022, Centerstone reported a data breach after the company discovered that an unauthorized party was able to gain access to multiple employee email accounts, as well as all attachments. Based on an official filing from the company, the incident resulted in an unauthorized party gaining access to the following data types: names, addresses, Social Security numbers, dates of birth, client identification numbers, medical diagnosis and treatment information, and health insurance information. After confirming that consumer data was leaked, Centerstone began sending out data breach notification letters to all individuals who were impacted by the recent data security incident.
If you received a data breach notification, it is essential you understand what is at risk. The data breach lawyers at Console & Associates, P.C. are actively investigating the Centerstone data breach on behalf of people whose information was exposed. As a part of this investigation, we are providing free consultations to anyone affected by the breach who is interested in learning more about the risks of identity theft, what they can do to protect themselves, and what their legal options may be to obtain compensation from Centerstone.
According to a press release issued by the company, on February 14, 2022, Centerstone identified what appeared to be suspicious activity within its email system. In response, the company secured all employee email accounts and launched an investigation into the incident. The company’s investigation confirmed that an unauthorized party had access to three employee email accounts between November 4, 2021 and February 14, 2022—a period of more than three months.
Upon discovering that sensitive consumer data was accessible to an unauthorized party, Centerstone then reviewed the affected files to determine what information was compromised and which consumers were impacted. While the breached information varies depending on the individual, it may include your name, address, Social Security number, date of birth, client ID, medical diagnosis and treatment information, and health insurance information.
On August 5, 2022, Centerstone sent out data breach letters to all individuals whose information was compromised as a result of the recent data security incident.
Based in Nashville, Tennessee, Centerstone is a non-profit health system providing mental health and substance abuse disorder treatments through counseling, care, and various treatment programs. Centerstone also provides medical care and pharmacy services, crisis services, residential services and therapeutic foster care services. Centerstone operates more than 170 locations nationwide, most of which are located in Indiana, Tennessee, Illinois, Kentucky, and Florida. Centerstone employs more than 35,00 people and provides care for more than 120,000 patients each year.
At Console & Associates, P.C., our consumer privacy lawyers monitor all security and data breaches to help affected consumers pursue their legal remedies. We offer free consultations to victims of data breaches and can explain your rights in clear, understandable terms so you can make an informed decision about how to proceed with your case. If you’ve been affected by the Centerstone data breach or any other data security incident, Console & Associates, P.C., will investigate your case at no charge and offer you thorough advice about how to most effectively proceed with your case. If you decide to bring a case, we only get paid if you do. If your claim is successful, any legal fees are either paid by the defendant or come out of the funds recovered from the defendant. If your claim doesn’t result in a recovery, you will pay nothing.
Below is a copy of the initial data breach letter issued by Centerstone (the actual notice sent to consumers can be found here):
Centerstone, a nonprofit health organization that provides mental health, addiction recovery, residential care, therapeutic foster care, counseling, and crisis services across the country, has learned of a data security incident that may have involved personal and protected health information belonging to certain current and former Centerstone clients. Centerstone has sent notification of this incident to potentially impacted individuals and is providing resources to assist them.
On February 14, 2022, Centerstone detected unusual activity involving its email environment. Upon discovering this activity, Centerstone took immediate steps to secure its email environment and launched a thorough investigation to determine the scope of the issue. The investigation determined that an unknown actor gained access to and may have obtained a limited amount of data from three employee email accounts between November 4, 2021 and February 14, 2022.
As a result, Centerstone undertook a comprehensive review of the full contents of the email accounts to identify whether any individual information was contained therein. Centerstone’s review concluded on July 12, 2022, at which time Centerstone learned that the email accounts contained certain personal and protected health information. In response, Centerstone immediately initiated a diligent search to identify current contact information needed to notify potentially impacted individuals.
Centerstone currently has no evidence of the misuse of any information potentially involved in this incident. However, beginning on August 2, 2022, Centerstone notified potentially affected individuals directly via letter. In so doing, Centerstone provided information about the incident and about steps that potentially impacted individuals can take to protect their information.
The following personal and protected health information may have been involved in the incident: name, address, Social Security number, date of birth, client ID, medical diagnosis / treatment information, and/or health insurance information.
The privacy and protection of personal and protected health information is a top priority for Centerstone, which deeply regrets any inconvenience or concern this incident may cause. Centerstone is working to implement additional safeguards to help ensure the security of its email environment and to reduce the risk of a similar incident from occurring in the future. Centerstone has also established a toll-free call center to answer questions about the incident. Call center representatives are available Monday through Friday from 8:00 a.m. – 8:00 p.m. Central Time, excluding holidays and can be reached at 1-833-764-0234.