Familylinks Inc., a Pittsburgh-based nonprofit, has reported a data security breach that may have exposed personal and protected health information. On May 3, 2024, the organization detected unusual activity within one of its employee’s email accounts. The breach investigation, which involved independent cybersecurity experts, revealed that unauthorized access occurred, compromising certain emails and attachments. The incident affected sensitive data, including individuals’ names, Social Security numbers, driver’s licenses, medical information, and health insurance details.
The breach was fully analyzed by October 3, 2024, confirming that personal and health-related data may have been accessed. Although Familylinks has not found evidence of misuse of the compromised information, they have notified affected individuals and taken precautionary measures to enhance their network security. The organization provided written notifications by mail to impacted individuals with verifiable addresses, offering them guidance on steps to protect their information.
To assist those affected, Familylinks has established a toll-free call center available Monday through Friday, from 9 a.m. to 9 p.m. Eastern time, where individuals can get more information on the breach. The call center aims to address concerns and provide further assistance regarding the next steps for protecting personal information. In addition, the organization has strongly encouraged individuals to review their financial accounts for any unauthorized activity and consider placing fraud alerts or security freezes on their credit reports.
Familylinks has also outlined various steps for affected individuals to protect themselves, including monitoring credit reports through the three nationwide credit reporting agencies—Equifax, Experian, and TransUnion—and reporting any suspicious activity. While the organization continues to work on improving its security measures, it deeply regrets the incident and is committed to safeguarding the privacy of its clients moving forward. The breach serves as a reminder of the importance of robust cybersecurity practices to protect sensitive information from unauthorized access.
