On August 29, 2024, Covenant Care California, LLC filed a notice of data breach with the Attorney General of Massachusetts after discovering that an unauthorized party had accessed parts of the company’s IT network. This breach resulted in sensitive consumer information being exposed, including names, dates of birth, medical and health insurance information, Social Security numbers, financial account details, credit and debit card numbers, driver’s license numbers, and state identification numbers. The company took immediate action following the incident, which included sending data breach notification letters to all individuals whose information was affected.
Covenant Care California first became aware of the incident on November 13, 2023, when it detected suspicious activity within its computer network. In response, the company secured its network and initiated an investigation to assess the extent of the breach and determine which patient information may have been accessed. This proactive response highlights Covenant Care’s commitment to protecting its consumers and addressing potential vulnerabilities within its IT infrastructure.
After completing the investigation, Covenant Care reviewed the compromised files to understand what information was leaked and which consumers were impacted. The breached information varied depending on the individual, emphasizing the breadth of data exposed during the incident. On August 29, 2024, the company began sending data breach letters to affected individuals, detailing the nature of the compromised information and offering guidance on steps they can take to protect themselves from potential identity theft or misuse of their data.
Covenant Care California, established in 1994, is based in Aliso Viejo, California, and operates more than 30 healthcare and rehabilitation centers across California and Nevada. The company employs over 8,000 individuals and generates approximately $1.2 billion in annual revenue. Previously known for its rehabilitation services under the name AFFIRMA, Covenant Care currently provides home healthcare services through several brands, including Focus Health and Elevate Home Health. The recent data breach underscores the challenges faced by healthcare providers in safeguarding sensitive patient information in an increasingly digital landscape.
Reference:
