On October 4, 2024, Seven Counties Services, Inc. filed a notice of data breach with the U.S. Department of Health and Human Services Office for Civil Rights after discovering that staff email accounts were compromised following a phishing attack. In this notice, Seven Counties Services explains that the incident resulted in an unauthorized party being able to access consumers’ sensitive information, which includes their names, dates of birth, Social Security numbers, addresses, phone numbers, email addresses, diagnoses, and dates of service. Upon completing its investigation, Seven Counties Services began sending out data breach notification letters to all individuals whose information was affected by the recent data security incident.
If you received a data breach notification from Seven Counties Services, Inc., it is essential you understand what is at risk and what you can do about it. A data breach lawyer can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft, as well as discuss your legal options following the Seven Counties Services data breach. For more information, please see our recent piece on the topic here.
What Caused the Seven Counties Services Data Breach?
The Seven Counties Services data breach was only recently announced, and more information is expected in the near future. However, Seven Counties Services’s filing with the U.S. Department of Health and Human Services Office for Civil Rights provides some important information on what led up to the breach. According to this source, on August 12, 2024, Seven Counties Services’ IT department discovered that the company was the target of an email phishing attack in which an unauthorized party sent an email that appeared to be from a trusted source. However, when staff members responded to the email, their accounts were compromised, including any data stored within the account.
After learning that sensitive data was accessible to an unauthorized party, Seven Counties Services reviewed the compromised files to determine what information was leaked and which consumers were impacted. While the breached information varies depending on the individual, it may include your name, date of birth, Social Security number, address, phone number, email addresses, diagnoses, and dates of service.
On October 3, 2024, Seven Counties Services sent out data breach letters to anyone who was affected by the recent data security incident. These letters should provide victims with a list of what information belonging to them was compromised.
More Information About Seven Counties Services, Inc.
Founded in 1978, Seven Counties Services, Inc. is a mental health and behavioral health services provider based out of Louisville, Kentucky. Seven Counties Services is a Community Mental Health Center and behavioral health services provider, serving individuals and families in Bullitt, Henry, Jefferson, Oldham, Shelby, Spencer & Trimble counties. Seven Counties Services operates 17 locations throughout Kentucky. Seven Counties Services employs more than 2,225 people and generates approximately $95 million in annual revenue.
