Community Bridges

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

Overview of the Community Bridges NH Data Breach

Community Bridges, a non-profit agency based in Concord, New Hampshire, experienced a significant cybersecurity incident in early 2022. This breach involved unauthorized access to the organization’s digital network, leading to the potential exposure of sensitive personal information.

Nature and Scope of the Breach

The cybersecurity attack was first discovered on March 1, 2022, when Community Bridges noticed a network disruption. Immediate steps were taken to secure the digital environment, and a leading cybersecurity firm was engaged to assist with the investigation. This investigation revealed that an unknown actor had gained unauthorized access to the network and obtained certain data. By March 27, 2022, it was determined that personal information was involved in the incident[1].

Information Compromised

The types of information exposed in the breach included names, Social Security numbers, dates of birth, government identification numbers, medical information, and health insurance information. This breach affected more than 10,400 individuals, making it a significant incident in terms of the volume of sensitive data potentially compromised[4].

Response and Remediation

In response to the breach, Community Bridges has taken several steps to mitigate the impact and prevent future incidents. These measures include implementing additional security features, reporting the matter to the Federal Bureau of Investigation (FBI), and offering affected individuals twelve months of complimentary credit monitoring, identity remediation, and identity theft insurance services. The organization has also launched a comprehensive data review project to identify other files that may have been accessed or acquired without authorization[1][4].

Legal and Regulatory Actions

Following the breach, Community Bridges notified the New Hampshire Attorney General’s office in accordance with state law. The notification included details about the nature of the incident, the type of information involved, and the number of New Hampshire residents affected. Only nine residents of New Hampshire were directly notified of the breach via first-class mail, indicating the broader impact beyond the state[1].

Broader Context

The Community Bridges data breach is part of a larger trend of cybersecurity incidents targeting healthcare and non-profit organizations. These entities often hold vast amounts of sensitive personal and health information, making them attractive targets for cybercriminals. The breach at Community Bridges underscores the ongoing challenges organizations face in protecting digital information from sophisticated cyber threats[3].

Conclusion

The data breach at Community Bridges NH highlights the critical importance of robust cybersecurity measures for protecting sensitive personal and health information. As cyber threats continue to evolve, organizations must remain vigilant and proactive in their security practices to safeguard against unauthorized access and data theft.

Citations:

  1. https://www.doj.nh.gov/consumer/security-breaches/documents/community-bridges-20220422.pdf
  2. https://www.doj.nh.gov/consumer/security-breaches/c.htm
  3. https://stacker.com/new-hampshire/biggest-health-care-data-breaches-you-should-know-about-new-hampshire
  4. https://www.turkestrauss.com/2022/08/26/community-bridges-data-breach-investigation/
  5. https://www.communitybridgesnh.org/about-us/board-of-directors/
  6. https://www.nhbr.com/legal-briefs-news-from-around-nh-57/
  7. https://www.communitybridgesnh.org/announcements/every-effort-counts
  8. https://www.communitybridgesnh.org/services/community-choices-services-for-adults/supported-living-community-support-services/
  9. https://www.nhpr.org/nh-news/2021-08-23/peterborough-nh-loses-2-3-million-to-cyber-criminals
  10. https://www.communitybridgesnh.org
  11. https://www.communitybridgesnh.org/resources/privacy-policy/
  12. https://healthitsecurity.com/topic/latest-health-data-breaches/P60
  13. https://www.communitybridgesnh.org/resources/vendor-tools-and-forms/
  14. https://apps.web.maine.gov/online/aeviewer/ME/40/ee78ca2a-6cd1-4b28-904e-aa70519ccb4c/42d06971-2b2e-46fb-bfba-e7a4b142512c/document.html
  15. https://www.dhhs.nh.gov/sites/g/files/ehbemt476/files/documents2/region4.pdf
  16. https://www.communitybridgesnh.org/resources/false-claims-protection-and-whistle-blowers-policy/
Breach Submission Date Aug 24, 2022
Converted Entity Name Community Bridges
Converted Entity Type Healthcare Provider
State NH
Individuals Affected 10,461
Breach Type Hacking/IT Incident

Breach Information Location Network Server

Business Associate Present Yes