On February 27, 2024, Health & Palliative Services of the Treasure Coast, Inc., also known as Treasure Health, discovered a cybersecurity incident involving unauthorized access to its network. The breach originated from a business email compromise affecting a single employee's email account.
Following a forensic investigation completed on April 15, 2024, it was determined that the compromised account contained sensitive personal information.
The breach potentially affected 22,459 individuals across the United States, including 38 residents of Maine. The investigation revealed that Protected Health Information (PHI) and medical information were exposed. The compromised data was not immediately accessible for notification purposes due to missing addresses, necessitating a manual review to finalize the list of impacted individuals.
In response to the breach, Treasure Health took several measures to safeguard the information in its care. They engaged a specialized cybersecurity firm to conduct a thorough forensic investigation and have implemented additional security practices. These include retraining employees, updating policies, and conducting weekly security scans of their systems to identify potential vulnerabilities.
Moreover, Treasure Health has offered 12 months of complimentary credit monitoring and identity theft restoration services through Cyberscout, a TransUnion company, to all affected individuals. This proactive step aims to help protect their identity and provide peace of mind.
If you believe you may be affected by this data breach, it is crucial to take immediate action to protect your personal information. Here are some recommended steps:
For more information about protecting yourself from identity theft, visit the Federal Trade Commission's website.
For additional information about the data breach, you can view the Maine Attorney General's disclosure.