A portal operated by a partner and used by the mental health service provider was left without any security protection and could have given attackers the ability to access personal information of their patients. The information was found to be vulnerable sometime in August of last year and it included patient names, addresses, phone numbers, DOB, gender, service dates and types, driver’s license numbers, SSN’s, and insurance information. The portal has since been taken down and BBH has affirmed that none of the exposed information was accessed by attackers and they stated that the ePHI was in a format that was not able to be found through an online search. Free identity monitoring and protection services are being provided by BBH as well as credit reports being made available by Equifax, Experian, and TransUnion.
By Anthony Zampino Introduction Leading up to the most recent Russian invasion of Ukraine in