Riverdale Mental Health d/b/a Mosaic Mental Health

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

Riverdale Mental Health, operating as Mosaic Mental Health in New York City, experienced a cybersecurity incident that was first discovered on July 27, 2023. The incident involved unauthorized access to parts of its computer systems that contained sensitive patient information. The data potentially compromised in the cyberattack included names, addresses, dates of birth, social security numbers, diagnosis codes, health plan information, and clinical data such as medical records requests, progress notes, evaluations, and procedure codes. Despite the exposure of data, there has been no detected misuse of patient information as of the reporting. In response to the breach, Mosaic Mental Health has changed administrator credentials and is taking further steps to enhance network security. The breach affected a total of 7,281 individuals and was reported to the Health and Human Services’ Office for Civil Rights[3].

Citations:

  1. https://www.mass.gov/doc/assigned-data-breach-number-30916-riverdale-mental-health-dba-mosaic-mental-health-11-8-23/download
  2. https://www.gohealthuc.com
  3. https://www.hipaajournal.com/176200-ortho-alaska-patients-affected-by-data-breach/
  4. https://kffhealthnews.org/news/hospital-penalties/
  5. https://www.mosaicmh.org
  6. https://wfirm.com/georgia/Title%2040/Chapter%2002/
  7. https://breachdata.topwords.me/states/NY?limit=20&offset=20&sort=reported_date
  8. https://breachdata.topwords.me/states/NY?limit=20&offset=40&sort=state
  9. https://www.mass.gov/doc/data-breach-report-2023/download
  10. https://www.nyc.gov/assets/omb/downloads/xlsx/exec0419/04252019-community-boards-register-by-borough.xlsx
  11. https://oag.ca.gov/privacy/databreach/list
Breach Submission Date Sep 25, 2023
Converted Entity Name Riverdale Mental Health d/b/a Mosaic Mental Health
Converted Entity Type Healthcare Provider
State NY
Individuals Affected 7,281
Breach Type Hacking/IT Incident

Breach Information Location Network Server

Business Associate Present Yes