On August 2, 2024, Fraser Child and Family Center reported a data breach to the U.S. Department of Health and Human Services Office for Civil Rights after discovering that an unauthorized party had accessed its network. The breach, which occurred between May 30, 2024, and June 2, 2024, compromised sensitive information including names, Social Security numbers, dates of birth, medical details, and addresses. Fraser took immediate action by investigating the suspicious activity and later confirmed that some of the files on its system had been copied or accessed without authorization.
The investigation revealed that unusual activity was first detected on June 2, 2024, prompting Fraser to secure its systems and assess the damage caused by the breach. While the organization has yet to release detailed information about how the attackers gained access, the investigation uncovered that confidential patient data was compromised. Fraser then began notifying all affected individuals to inform them of the potential risks and the specific types of information that may have been accessed.
Fraser sent out data breach notification letters to impacted individuals, providing them with a detailed list of what personal information had been exposed. Despite the severity of the incident, Fraser emphasized that it was not aware of any misuse of the compromised data but encouraged those affected to remain vigilant. The organization also posted a website notice to discuss the event and what steps had been taken to mitigate the potential consequences of the breach.
Fraser Child and Family Center, headquartered in Minneapolis, Minnesota, is a nonprofit that offers services related to autism and mental health. Established in 1935, Fraser specializes in early childhood development and provides various behavioral and educational services. With over 2,194 employees, the organization serves children and families across the region and generates around $53 million in annual revenue.
Reference:
