Communicare, a mental healthcare provider based in Elizabethtown, Kentucky, reported a data breach that potentially exposed sensitive personal and health information. The breach occurred on November 23, 2024, when the company detected unusual activity on certain systems. In response, Communicare launched an investigation to determine the scope of the incident and identify the data that may have been accessed by unauthorized parties. The breach potentially compromised personal identifiable information (PII) and protected health information (PHI) of individuals within their systems.
Through its investigation, Communicare confirmed that the unauthorized third party gained access to various types of sensitive information. The data potentially exposed includes names, Social Security numbers, dates of birth, driver’s license numbers, and military identification numbers. Additionally, medical information, health insurance details, financial account information, and state-issued identification numbers were also impacted.
The breach is still under review, with Communicare continuing to assess the full extent of the information exposed and the individuals affected.
As part of its response, Communicare posted a notice on its website informing the public of the breach and its potential impact. The company is also in the process of sending breach notification letters to the affected individuals. These letters will outline the specific types of sensitive information that may have been exposed in the breach, offering individuals the details needed to take appropriate steps to protect themselves. Communicare is committed to assisting those impacted by the breach and has pledged to support them through the process.
Founded in 1967, Communicare offers a broad range of behavioral health services to children and adults in Kentucky. The company provides essential services such as case management, early intervention programs, alcohol and drug abuse treatment, crisis stabilization, and more. Communicare operates multiple locations across the state and employs over 500 individuals. Following the breach, the company is taking measures to prevent future incidents and bolster its data security protocols to safeguard the sensitive information of its patients.
Reference: