THS Data Breach Affects 14,164 Poeple, Exposing SSNs

Therapeutic Health Services (THS), a mental health care provider, recently experienced a significant data breach affecting 14,164 individuals in the United States, including 7 residents in Maine. The breach, discovered on May 6, 2024, involved unauthorized access to THS's computer network, exposing sensitive consumer information.

On February 26, 2024, THS identified unauthorized activity within its computer network. Despite securing and remediating the compromise, the investigation revealed that personal and medical information might have been exposed. The breach potentially included:

• Full name
• Social Security number
• Date of birth
• Information regarding medical services provided by THS
• Health information

The breach was publicly disclosed on July 19, 2024, and reported to the Maine Attorney General's office. Additionally, the disclosure is available on the Massachusetts Attorney General's website. Consumers were notified by mail on July 18, 2024.

Therapeutic Health Services's Response

In response to the breach, THS took several measures to mitigate the impact and prevent future incidents. They secured and remediated the compromised network, engaged third-party experts, and enhanced their data security protocols. THS also notified law enforcement and focused on improving their cyber preparedness through additional awareness training and updated procedures.

To support affected individuals, THS is offering complimentary credit monitoring and identity restoration services through Identity Defense Complete, provided by CyEx. Consumers can enroll in these services by visiting app.identitydefense.com/enrollment/activate/ths and using the provided activation code.

Steps for Affected Individuals

If you are affected by this data breach, it is crucial to take the following steps to protect your personal information:

1. Enroll in Credit Monitoring Services: Activate the complimentary credit monitoring and identity restoration services offered by THS within 90 days of receiving the notification letter.
2. Monitor Your Accounts: Regularly check your credit card statements and credit reports for any suspicious or unusual activity.
3. Place a Fraud Alert: Contact the three major credit bureaus (Equifax, TransUnion, and Experian) to place a fraud alert on your credit file, which will notify creditors to take extra steps to verify your identity before opening new accounts.
4. Request a Security Freeze: Consider placing a security freeze on your credit report to prevent unauthorized access. This can be done by contacting each credit bureau directly.
5. Obtain an Identity Protection PIN (IP PIN): To protect against fraudulent tax returns, obtain an IP PIN from the IRS by visiting IRS Identity Protection.
6. Stay Vigilant: Remain vigilant and report any suspected identity theft or fraud to financial institutions, law enforcement, and relevant authorities.