Peerstar LLC

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

Peerstar LLC, a mental health and support services company based in Pennsylvania, experienced a significant data breach that was first detected on March 7, 2023. The breach involved unauthorized access to Peerstar’s systems between February 22, 2023, and March 3, 2023, potentially compromising the sensitive personal identifiable information and protected health information of approximately 11,438 patients[1][4][7]. The types of information exposed in the breach varied and may have included names, addresses, phone numbers, Social Security numbers, medical and treatment information, financial details, identification numbers, and healthcare payment and insurance information[1][4][7].

Peerstar LLC is known for providing peer support services to individuals recovering from mental health and substance use disorders, distinguishing itself by delivering specialized education to its staff. The company has been operational since 2008 and serves over 30 counties in Pennsylvania[2].

Following the detection of suspicious activity, Peerstar engaged third-party security experts to investigate the incident and assess the security of its systems. It was confirmed that an unauthorized third party had access to its systems within the specified timeframe, leading to the exposure of protected health information[7]. Despite the breach, Peerstar has stated that it is unaware of any actual or attempted misuse of patient data. In response to the breach, Peerstar has confirmed that additional cybersecurity safeguards are being implemented, employee cybersecurity training has been enhanced, and cybersecurity policies, procedures, and protocols are being improved[7].

Affected individuals were advised to review the breach notice carefully, retain a copy, enroll in any free credit monitoring services provided by Peerstar, change passwords and security questions for online accounts, regularly review account statements for signs of fraud or unauthorized activity, monitor credit reports for signs of identity theft, and contact a credit bureau(s) to request a temporary fraud alert[1].

Legal investigations into the breach are underway, with attorneys investigating whether a class action lawsuit can be filed. If filed and successful, a class action lawsuit could provide consumers with compensation for any harm resulting from the breach and potentially force Peerstar to take proper steps to protect the information it was entrusted with[4].

Citations:

  1. https://www.turkestrauss.com/2023/10/23/peerstar-data-breach-investigation/
  2. https://www.peerstarllc.com
  3. https://www.classaction.org/media/peerstar-llc-data-breach-notice.pdf
  4. https://www.classaction.org/data-breach-lawsuits/peerstar-llc-october-2023
  5. https://www.hipaajournal.com/october-2023-healthcare-data-breach-report/
  6. https://lfweb.franklincountypa.gov/WebLink8Public/DocView.aspx?dbid=0&id=12028500&repo=FranklinCounty8
  7. https://www.hipaajournal.com/data-breaches-peerstar-la-red-health-center-fredericksburg-foot-ankle-center/
  8. https://www.casemine.com/judgement/us/62f728e1c2281c7ac2f64ec7
  9. https://localnews1.org/2023/12/06/franklin-county-commissioners-to-meet-23/
  10. https://www.mass.gov/doc/assigned-data-breach-number-30735-peerstar-llc/download
  11. https://dojmt.gov/consumer/databreach/
  12. https://www.dataguidance.com/notes/pennsylvania-sectoral-privacy-overview
  13. https://law.justia.com/cases/federal/appellate-courts/ca3/22-3031/22-3031-2023-07-27.html
  14. https://www.linkedin.com/posts/joshua-mckeever-b80684214_breach-report-activity-7111001245099720704-kpAz?trk=public_profile_share_view
  15. https://www.linkedin.com/in/ronald-nase-jr-9b224750
  16. https://casetext.com/case/kelly-v-peerstar-llc
  17. https://www.indeed.com/q-forensic-peer-l-philadelphia,-pa-jobs.html
  18. https://casetext.com/case/kelly-v-peerstar-llc-1
  19. https://www.peerstarllc.com/privacy-policy-page
Breach Submission Date Oct 16, 2023
Converted Entity Name Peerstar LLC
Converted Entity Type Healthcare Provider
State PA
Individuals Affected 11,438
Breach Type Hacking/IT Incident

Breach Information Location Network Server

Business Associate Present Yes