In September 2024, American Addiction Centers (AAC) fell victim to a cyberattack that exposed the personal and health-related information of 422,424 individuals. The breach occurred between September 23 and 26, compromising sensitive data such as names, Social Security numbers, health insurance details, and contact information. Fortunately, no treatment or payment card data was involved. The breach was identified on September 26, prompting immediate action from AAC, which included notifying law enforcement and hiring third-party cybersecurity experts to assess the damage.
AAC’s investigation confirmed that unauthorized individuals had accessed and stolen data during the breach window. Despite the severity of the exposed information, the company reported no evidence linking the incident to identity theft or fraud. In response to the breach, AAC began implementing stronger security measures to prevent similar events in the future. Additionally, the company began notifying affected individuals just before the Christmas holiday, providing them with the necessary details about the breach and steps to protect their personal information.
To mitigate potential risks for those impacted, AAC is offering complimentary credit monitoring services for 12 months. This service includes monitoring for suspicious activity and proactive fraud assistance. Affected individuals can enroll in this program by March 31, 2025, and are encouraged to monitor their credit reports and financial accounts for unusual activity. AAC also provided a dedicated hotline to support those with questions or concerns about the breach and the identity protection services available to them.
While the investigation continues, AAC has emphasized its commitment to transparency and data security. The company reassured the public that it has taken swift action to enhance its cybersecurity posture. Affected individuals are urged to remain vigilant and use the resources provided, including fraud alerts and credit report freezes, to safeguard their identities. With ongoing improvements in security protocols, AAC is focused on preventing future breaches and maintaining trust with its clients.
