American Addiction Centers Data Breach Jeopardizes Identities of 422k People Featured
American Addiction Centers is notifying more than 422k people that their personal information was stolen in a recent data breach.
A class action lawsuit was filed American Addiction Centers (“AAC”) shortly after it announced that it was the target of a September cyberattack that claimed that identities and health information of more than 422,000 indviduals.
About American Addiction Centers
American Addiction Centers, based in Brentwood, Tennessee, provides inpatient and outpatient substance abuse treatment services through a network of rehabilitation facilities across multiple states. It employs over 2,700 people.
What Happened?
According to the Notification Letter sent to affected individuals, on or around September 26, 2024, AAC learned that it was experiencing a cybersecurity incident. AAC immediately launched an investigation and engaged leading third-party cybersecurity experts to assist. AAC contained the incident and notified law enforcement.
What Information was Stolen?
The investigation determined that an unauthorized party had taken personal identifying and health related client data from AAC’s systems between September 23 and September 26, 2024. Information exfiltrated from AAC’s systems include –
- name
- address
- phone number
- date of birth
- medical record number or other identifier
- Social Security number
- health insurance information
According to the Notice Letter mailed to affected individuals, the information exfiltrated did not include medical treatment information, or payment card data.
What is AAC Doing to Protect My Identity?
AAC advises that it has implemented additional protective measures to safeguard its systems to help prevent a reoccurrence. In addition, it is offering individuals affected by the breach 12 months of complimentary credit monitoring services.
What Can Hackers Do With My Information?
Stolen PII and PHI can be used to commit identity theft, open new credit accounts, make unauthorized purchases or obtain loans. Cybercriminals have recently targeted America’s essential industries and in so doing have forced millions of Americans to face the fallout from these attacks.
Leaked or stolen data can be sold on the dark web forums and may be used for fraud and medical identity theft, a type of fraud, where threat actors use stolen information to submit forged claims to insurers.
Clients affected by the breach are exposed to a heightened and imminent risk of fraud and identity theft. They must now and in the future closely monitor their financial accounts to guard against identity theft and fraud.
If you receive a data breach notification from AAC it is essential you understand what is at risk and what you can do about it. A data breach lawyer can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft, as well as discuss your legal options at no cost to you. For more information, please review these recommendations.
Protect Your Identity. Join the American Addiction Centers Data Breach Class Action.
The lawsuit alleges that AAC breached its duties under common law and the Federal Trade Commission Act to implement reasonable security measures, comply with industry standards and federal data-security regulations, encrypt sensitive data, and provide adequate and timely notice of the breach.
If you receive a notification letter from AAC, you are at permanent risk of identity theft and the devastating financial and legal consequences that go along with it.
You may be eligible to participate in a class action lawsuit to recover compensation for loss of privacy, time spent dealing with the breach, out-of-pocket costs, and more.
The lawsuit looks to cover anyone in the USA whose private information was compromised by the breach announced by AAC on December 23rd, 2024.
Please complete the form shown on this page and a data breach attorney will contact you. There is no cost to you.