Several addiction treatment centers in New Jersey, spanning Williamstown, Turnersville, Pemberton, Vineland, and Franklinville, have fallen victim to a data breach, raising concerns about the compromise of patients’ private information. Maryville, a nonprofit addiction agency, responds to the crisis by extending credit monitoring services to those potentially affected, particularly individuals whose Social Security numbers and other sensitive details may have been exposed. The revelation comes through a substitute notice posted on Maryville Addiction Treatment Center’s website, initiating notifications to affected individuals starting February 20.
According to the notice, the cybersecurity incident unfolded around August 22, 2023, involving unauthorized access to a corporate email account. Strikingly, it took until February 7, 2024, for Maryville to realize that the compromised email account contained protected health information and personally identifiable details, including full names, Social Security numbers, medical treatment specifics, health insurance information, dates of birth, financial account details, and government identification. While the agency refrains from issuing an apology for the delayed discovery and notification, they emphasize having no indication of information misuse, justifying the notification as a precautionary measure rather than a legal obligation.
Despite the agency’s claim that there is no evidence of identity theft resulting from the breach, the delayed acknowledgment raises concerns about the security measures in place. The incident underscores the critical need for prompt detection and notification in cybersecurity matters, prompting organizations like the affected addiction treatment centers and Maryville to reassess their protocols for a swifter and more efficient response to potential data breaches.
