Connecticut-based Southeastern Council on Alcoholism and Drug Dependence is notifying 25,148 patients that their data was potentially breached during a February ransomware attack. On February 18, SCADD officials said they discovered some disruptions the network. A review determined a ransomware attack had compromised some of its systems. SCADD worked with a third-party forensics team to investigate. The investigation determined the compromised data included patient names, addresses, Social Security numbers, medical histories, and treatments. Officials said they could not rule out access. SCADD is currently in the process of notifying the impacted patients, who will receive a year of free credit monitoring and identity protection services.
Source: Health IT Security