On October 4, 2022, Columbia River Mental Health Services filed an official notice of a data breach with the Maine Attorney General’s Office after the company learned that hackers had access to multiple employee email accounts for more than a year. According to CRMHS, the breach resulted in the compromise of the following information: names, addresses, social security numbers, driver’s license numbers, financial account information, medical information, health insurance information, usernames and passwords, and dates of birth.
To help those affected by the incident understand the risks of a data breach, CRMHS recently began sending out data breach letters, informing victims about the incident and what they can do to protect themselves from identity theft and other fraud. In addition, victims of the breach may be eligible for financial compensation if CRMHS is found to have been negligent in maintaining their information.
What we know about the Columbia River Mental Health Services data breach
The information available about the Columbia River Mental Health Services violation comes from the company’s filing with the Montana Attorney General’s Office. According to this source, CRMHS recently detected suspicious activity within several employee email accounts. In response, the company launched an internal investigation with the help of an external forensic firm to identify the nature and scope of the incident, as well as whether any employee or patient data was compromised.
The CRMHS investigation confirmed that an unauthorized party had gained access to the affected email accounts on May 14, 2021 and that the unauthorized access lasted until April 8, 2022. The investigation also revealed that the emails and Attachments that could be accessed by unauthorized parties included highly sensitive consumer information.
Upon discovering that sensitive consumer data was made available to an unauthorized party, Columbia River Mental Health Services began reviewing affected files to determine what information was compromised and which consumers were affected. Although the information breached varies by individual, it may include your name, address, Social Security number, driver’s license number, financial account information, medical information, health insurance information, username and password, and date of birth.
On October 4, 2022, Columbia River Mental Health Services sent data breach letters to everyone whose information was compromised as a result of the recent data security incident.
Learn More About Columbia River Mental Health Services
Columbia River Mental Health Services is a healthcare provider based in Vancouver, Washington. The company offers a wide range of mental health services for adults and children, including adult outpatient services, services for children and families, and addiction treatment. Columbia River Mental Health Services employs more than 262 people and generates approximately $16 million in annual revenue.
