Cummins Behavioral Health Systems

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

Cummins Behavioral Health Systems Inc., based in Avon, Indiana, experienced a significant data breach affecting 157,688 patients. The breach was discovered on March 9, 2023, when a ransom note was found within the organization’s computer environment, indicating unauthorized access by an individual. Although no file encryption occurred, the attacker claimed to have obtained sensitive data. The unauthorized access period was identified between February 2, 2023, and March 9, 2023. The compromised data includes a wide range of personal and financial information, such as names, addresses, dates of birth, Social Security numbers, driver’s license/State ID numbers, financial account information, payment card information, health insurance information, and medical information[1][2][4].

Cummins Behavioral Health Systems initiated a forensic investigation to understand the extent of the breach and the specific types of information involved. While the investigation is ongoing, the organization has begun reviewing its policies, procedures, and processes to prevent future incidents. Affected individuals have been notified through letters, which include details of the compromised information and offer complimentary credit monitoring services to those whose Social Security numbers were compromised[1].

Cummins Behavioral Health Systems is a community behavioral health center that provides a range of services, including individual therapy, group therapy, family therapy, psychiatric services, and substance use treatment to residents of Marion, Hendricks, Boone, Montgomery, and Putnam counties in Indiana. The organization employs more than 363 people and generates approximately $25 million in annual revenue[2].

In response to the breach, legal firms are investigating claims on behalf of the victims, exploring potential legal remedies and rights in response to the data breach[4][8]. Cummins Behavioral Health Systems has taken steps to strengthen its system security to prevent similar incidents in the future[1].

Citations:

  1. https://www.hipaajournal.com/cummins-behavioral-health-reports-157k-record-data-breach/
  2. https://www.jdsupra.com/legalnews/cummins-behavioral-health-systems-inc-2652533/
  3. https://fox59.com/business/press-releases/cision/20230815NY84442/cummins-behavioral-health-systems-inc-data-breach-alert-issued-by-wolf-haldenstein-adler-freeman-herz-llp/
  4. https://www.turkestrauss.com/2023/08/16/cummins-behavioral-health-systems-data-breach-investigation/
  5. https://apps.web.maine.gov/online/aeviewer/ME/40/a1917d85-7bed-4080-ba9b-792f5ff9c280.shtml
  6. https://www.defensorum.com/data-breaches-reported-by-cummins-behavior-health-redwood-coast-regional-center-and-other-healthcare-entities/
  7. https://www.prnewswire.com/news-releases/cummins-behavioral-health-systems-inc-data-breach-alert-issued-by-wolf-haldenstein-adler-freeman–herz-llp-301900830.html
  8. https://www.msdlegal.com/blog/2023/08/cummins-behavioral-health-systems-data-breach-class-action-investigation/
  9. https://www.beckersbehavioralhealth.com/behavioral-health-news/cummins-behavioral-health-systems-announces-data-breach.html
  10. https://www.databreaches.net/in-cummins-behavioral-health-systems-discovers-cyberattack-when-it-finds-ransom-note/
  11. https://www.whafh.com/investigation-cummins-behavoiral-health-systems-data-breach/
  12. https://www.myinjuryattorney.com/cummins-behavioral-health-systems-inc-data-breach-investigation/
  13. https://www.businesswire.com/news/home/20230815969962/en/Federman-Sherwood-Investigates-Cummins-Behavioral-Health-Systems-Inc.-for-Data-Breach
Breach Submission Date Apr 12, 2023
Converted Entity Name Cummins Behavioral Health Systems
Converted Entity Type Healthcare Provider
State IN
Individuals Affected 501
Breach Type Hacking/IT Incident

Breach Information Location Network Server

Business Associate Present Yes