The behavioral health services provider discovered unauthorized access to its network between Sept. 12-22. After launching an investigation, AspenPointe determined that patient information including names, dates of birth, Social Security numbers, Medicaid ID numbers and diagnosis codes were exposed as a result of the incident.
AspenPointe reported the security breach to HHS Nov. 19 as affecting 295,617 individuals. The healthcare provider is offering 12 months of free identity theft services and a $1 million insurance reimbursement policy to those affected.
To increase security after the incident, AspenPointe implemented password changes, increased monitoring and rolled out firewall changes.
More articles on cybersecurity:
University of Minnesota Physicians report 2 employee email hacks: 4 details
Nearly 1M health records breached in November
California medical center server issue exposed patient data for 4.5 years
