On August 30, 2024, Mt. Carmel Behavioral Healthcare LLC (“MCBH”) filed a notice of data breach with the U.S. Department of Health and Human Services Office for Civil Rights after discovering that an unauthorized party accessed an employee email account. In this notice, MCBH explains that the incident resulted in an unauthorized party being able to access consumers’ sensitive information, which includes their names, Social Security numbers, dates of birth, addresses, medical record numbers, patient account numbers, health insurance information, and medical information. Upon completing its investigation, MCBH began sending out data breach notification letters to all individuals whose information was affected by the recent data security incident.
If you received a data breach notification from Mt. Carmel Behavioral Healthcare LLC, it is essential you understand what is at risk and what you can do about it. A data breach lawyer can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft, as well as discuss your legal options following the Mt. Carmel Behavioral Healthcare data breach. For more information, please see our recent piece on the topic here.
What Caused the Mt. Carmel Behavioral Healthcare Data Breach?
The Mt. Carmel Behavioral Healthcare data breach was only recently announced, and more information is expected in the near future. However, MCBH’s filing with the U.S. Department of Health and Human Services Office for Civil Rights provides some important information on what led up to the breach. MCBH also posted a website notice describing the incident and the company’s response.
According to these sources, on June 12, 2024, MCBH learned that an unauthorized party was able to access an employee’s email account. In response, MCBH secured the affected email account and then launched an investigation with the help of third-party cybersecurity experts.
Through this investigation, MCBH confirmed that there was unauthorized access to a single employee email account between June 11, 2024 and June 12, 2024, including emails and attachments containing confidential patient information.
After learning that sensitive consumer data was accessible to an unauthorized party, Mt. Carmel Behavioral Healthcare reviewed the compromised files to determine what information was leaked and which consumers were impacted. While the breached information varies depending on the individual, it may include your name, Social Security number, date of birth, address, medical record number, patient account number, health insurance information, and medical information.
Between August 9, 2024 and August 30, 2024, Mt. Carmel Behavioral Healthcare sent out data breach letters to anyone who was affected by the recent data security incident. These letters should provide victims with a list of what information belonging to them was compromised.
More Information About Mt. Carmel Behavioral Healthcare LLC
Mt. Carmel Behavioral Healthcare LLC is a behavioral health services provider based out of Columbus, Ohio. MCBH provides treatment options for a range of behavioral health issues, including anxiety, depression, bipolar disorder, PTSD, borderline personality disorder, and more. MCBH also operates inpatient and intensive outpatient treatment programs for those suffering from substance use and abuse disorders. Mt. Carmel Behavioral Healthcare generates approximately $73 million in annual revenue.