Legacy Treatment Services Data Breach: 170 GB Stolen

Between October 6 and October 11, 2024, Legacy Treatment Services, Inc. ("Legacy") and Community Treatment Solutions ("CTS") experienced a significant data breach involving unauthorized access to their network. According to the company's official disclosure, an unauthorized party infiltrated Legacy's network and accessed sensitive personal information, including protected health information (PHI) as defined by the Health Insurance Portability and Accountability Act (HIPAA).

Legacy Treatment Services first discovered the intrusion shortly after it occurred and immediately took steps to mitigate the threat. This included temporarily taking certain systems offline to prevent further unauthorized access. The company quickly engaged cybersecurity professionals to investigate the incident and assess the extent of the breach. They also notified law enforcement and are cooperating fully with an ongoing forensic investigation.

On November 13, 2024, the investigation confirmed that personal information, including PHI, was accessed and acquired by the unauthorized actor between October 6 and October 11, 2024.

The specific number of individuals affected by this breach has not yet been disclosed, as the investigation is still ongoing. However, the INTERLOCK ransomware group, who claimed responsibility for the cyberattack, stated on the dark web that they obtained approximately 170 GB of data. This stolen data reportedly includes internal documents, patient records, and a large SQL database.

Legacy Treatment Services' Response

Legacy Treatment Services has provided a detailed notice of the data security incident on their official website, outlining the breach and offering clear guidance for potentially impacted individuals. To assist those affected, Legacy has established a dedicated and confidential toll-free response line at 1-877-733-9775, available from 9:00 am to 9:00 pm ET, Monday through Friday, excluding holidays. Specialists staffing this line are knowledgeable about the incident and can advise individuals on steps to protect their personal information.

Furthermore, Legacy Treatment Services strongly recommends that potentially affected individuals take proactive measures to protect themselves from identity theft and fraud.

Recommended actions:

• Reviewing explanation of benefits statements from health insurers to detect any unfamiliar medical services.
• Requesting a current year-to-date report from health insurance providers to identify unrecognized charges.
• Placing a fraud alert or a security freeze on credit files through the three major credit reporting agencies: Equifax, Experian, and TransUnion.
• Obtaining free annual credit reports from AnnualCreditReport.com and regularly reviewing financial account statements for suspicious activity.

Individuals who suspect fraudulent activity or misuse of their information should promptly contact local law enforcement and file a report. Additionally, they may file a complaint with the Federal Trade Commission (FTC) via their identity theft portal, by phone at 1-877-IDTHEFT (1-877-438-4338), or by mail at the FTC Consumer Response Center, 600 Pennsylvania Avenue NW, Washington, DC 20580.

For more information, visit their official website at legacytreatment.org.