On February 2, 2024, Greater Cincinnati Behavioral Health Services (“GCBHS”) filed a notice of data breach with the U.S. Department of Health and Human Services Office for Civil Rights after discovering that an unauthorized party was able to access portions of the organization’s IT network. In this notice, GCBHS explains that the incident resulted in an unauthorized party being able to access consumers’ sensitive information, which includes their names, Social Security numbers, dates of birth, demographic information, driver’s license numbers, medical information and health insurance information. Upon completing its investigation, GCBHS began sending out data breach notification letters to all individuals whose information was affected by the recent data security incident.

If you received a data breach notification from Greater Cincinnati Behavioral Health Services, it is essential you understand what is at risk and what you can do about it. A data breach lawyer can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft, as well as discuss your legal options following the Greater Cincinnati Behavioral Health Services data breach. For more information, please see our recent piece on the topic here.

What Caused the Greater Cincinnati Behavioral Health Services Data Breach?

The Greater Cincinnati Behavioral Health Services data breach was only recently announced, and more information is expected in the near future. However, GCBHS’s filing with the U.S. Department of Health and Human Services Office for Civil Rights provides some important information on what led up to the breach. GCBHS also posted a notice on its website discussing the incident.

According to these sources, on December 10, 2023, GCBHS experienced a disruption to its IT network. In response, GCBHS disconnected its network and launched an investigation with the help of third-party data security specialists. While this investigation is ongoing, GCBHS has determined that certain files were accessed by an unauthorized party, including those containing confidential patient information.

After learning that sensitive consumer data was accessible to an unauthorized party, Greater Cincinnati Behavioral Health Services reviewed the compromised files to determine what information was leaked and which consumers were impacted. While the breached information varies depending on the individual, it may include your name, Social Security number, date of birth, demographic information, driver’s license number, medical information and health insurance information.

On January 25, 2024, Greater Cincinnati Behavioral Health Services sent out data breach letters to anyone who was affected by the recent data security incident. These letters should provide victims with a list of what information belonging to them was compromised.

More Information About Greater Cincinnati Behavioral Health Services

Greater Cincinnati Behavioral Health Services is a mental health provider based out of Cincinnati, Ohio. GCBHS provides a range of services to patients, including addiction treatment services, employment services, mental health services and psychiatric services. GCBJS serves approximately 30,000 people per year. Greater Cincinnati Behavioral Health Services employs more than 700 people and generates approximately $103 million in annual revenue.