Carolina Behavioral Health Alliance, LLC Confirms Data Breach Following Ransomware Attack | Console and Associates, P.C. | #malware | #ransomware

Recently, Carolina Behavioral Health Alliance, LLC confirmed that the company experienced a data breach after an unauthorized party gained access to sensitive consumer data contained on the company’s computer network. According to the CBHA, the breach resulted in the names, dates of birth, level of care, provider names, addresses, health plan identification numbers, genders, and Social Security numbers of certain plan members being compromised. On July 1, 2022, CBHA filed an official notice of the breach and sent out data breach letters to all affected parties.

If you received a data breach notification, it is essential you understand what is at risk and what you can do about it. To learn more about how to protect yourself from becoming a victim of fraud or identity theft and what your legal options are in the wake of the Carolina Behavioral Health data breach, please see our recent piece on the topic here.

More Information About the Carolina Behavioral Health Data Breach

According to an official notice filed by the company, on March 20, 2022, CBHA learned that one or more hackers targeted the company through a ransomware attack. As a result of the attack, certain CBHA systems were disabled and accessible to the attackers. While CBHA was able to put a stop to the unauthorized access that same day, the company initiated an investigation into the incident to determine whether any sensitive consumer data was compromised.

The CBHA investigation confirmed that the unauthorized party had access to certain company files between the dates of March 19, 2022 and March 20, 2022. It was also apparent that these files contained sensitive consumer information. On May 9, 2022, Carolina Behavioral Health Alliance completed its review of the affected files. While the breached information varies depending on the individual, it may include your first and last name, date of birth, level of care, provider name, address, health plan identification number, gender, and Social Security number. According to a notice posted on the company’s website, the breach impacted the information of plan members of the following health plans: LiveWELL Health Plan, Wake Forest University Baptist Medical Center and Affiliates Employee Benefits Plan, and Wake Forest University Health and Welfare Benefit Plan.

On July 1, 2022, Carolina Behavioral Health sent out data breach letters to all individuals whose information was compromised as a result of the recent data security incident.

Carolina Behavioral Health Alliance, LLC is a provider-owned managed behavioral health organization based in Winston Salem, North Carolina. Carolina Behavioral Health Alliance provides behavioral and mental health services to plan members throughout North Carolina. The company is owned and operated by three not-for-profit medical schools, Wake Forest Baptist Health, UNC Health Care, and East Carolina University. Carolina Behavioral Health employs more than 25 people and was founded in 1996.

Ransomware Attacks Continue to Be Among the Most Common Cyber Attacks

Ransomware attacks are not new; however, recently, they have become increasingly common. Not only that, but the manner in which cyber criminals carry out these attacks has changed over time, making them more dangerous than ever before. Years ago, a traditional ransomware attack involved hackers installing malicious software on a victim’s device or computer network. The malicious software would encrypt the data on the victim’s device, preventing them from accessing their device. Additionally, when the victim tried to log in to their computer, they would see a message from the hackers demanding they pay a ransom in exchange for the hackers allowing the victim access to their computer.

However, more recently, hackers have started to threaten to publish the data they obtained from the victim, usually on the dark web, if the ransom is not paid. This can certainly add to a victim’s fear because once information is posted on the dark web, it is publicly accessible to millions of people, most of which have less-than-honest intentions.

In 2022, ransomware attacks have been the second-leading type of cyberattack, behind only email phishing attacks. For example, according to the Identity Theft Resource Center (“ITRC”), the number of ransomware attacks more than doubled between 2020 and 2021, going from 158 to 321. While 321 attacks may not sound like a large number, keep in mind that most ransomware attacks affect thousands of people.

Given the frequency and risks of these attacks, it is important for both consumers and businesses to understand what ransomware attacks are, how they can be prevented, and what can be done in their aftermath to reduce the worst consequences, including identity theft and other frauds. It is also essential for anyone who falls victim to a data breach to take the necessary steps to protect themselves.

Data breach lawyers are currently investigating the Carolina Behavioral Health Alliance breach. Depending on the outcome of this investigation, victims may be able to pursue a data breach class action lawsuit against the company. Those data breach victims who have questions about what to do in the wake of a ransomware attack or what their legal options may be should reach out to a data breach lawyer for assistance.

Original Source link

Leave a Reply

Your email address will not be published.

nine + one =