DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Haven Behavioral Hospital provides Notice of Data Incident

Posted on March 24, 2021 by Dissent

Note: The following notice concerns  Haven Behavioral Hospital of Philadelphia and Haven Behavioral Hospital of Eastern Pennsylvania. DataBreaches.net also found that Cottonwood Creek Behavioral Hospital, Phoenix, Frisco (Texas), and Dayton (Ohio) Haven hospitals all published identical notices yesterday. A notice on Haven Behavioral’s web site is not specific to any named hospitals, suggesting that this incident may have affected other Haven facilities as well. DataBreaches.net sent an inquiry earlier this morning to Haven asking about the number of facilities and number of patients impacted, but has received to response as yet. This post will be updated when more details are received. 

Update of March 31: Still no response from Haven, but add Albuqueque to the list of facilities affected.


PHILADELPHIA, March 23, 2021 /PRNewswire/ — Haven Behavioral Hospital of Philadelphia and Haven Behavioral Hospital of Eastern Pennsylvania (“Haven”) is providing notice of a recent cyber-security incident so that potentially affected individuals may take additional steps to protect their personal information, should they feel it appropriate to do so. Haven has two hospitals in Pennsylvania, Haven Behavioral Hospital of Eastern Pennsylvania located in Reading and Haven Behavioral Hospital of Philadelphia.

On or around September 27, 2020, Haven observed unusual activity on certain systems. Upon discovering this activity, Haven began an investigation, including working with third party forensic specialists, to identify the source of the activity and determine its impact on Haven affiliated systems.  The investigation determined that certain files were potentially accessible on a system that may have been subject to unauthorized access between September 24, 2020 and September 27, 2020.  Upon determining that certain files may have been accessible on the impacted system, Haven began a review of these files to learn what might have been accessible at the time of this incident.

Haven immediately undertook a comprehensive review of the contents of the impacted files, to identify anyone who may have personal information within the potentially impacted data. Haven’s investigation cannot determine specifically what files, if any, were actually viewed by the unauthorized actor(s), but the review recently indicates that names and certain information of some individuals were present. This review was completed on March 11, 2021. Haven is mailing notices to those individuals whose information was present.

While, to date, the investigation has found no evidence of actual or attempted misuse of the information present in the potentially impacted files, Haven’s review determined that the documents affected by this incident may include some combination of the following types of information: name, date of birth, medical history, treatment information, provider information, patient identification number, and health insurance information.

The confidentiality, privacy, and security of personal information within Haven’s custody is among its highest priorities.  Haven is taking steps to further strengthen the security of its information systems. Haven also continues to review its security policies and procedures as part of its ongoing commitment to protect and maintain information security. Haven is providing a dedicated call center to those who may be impacted to learn more and is also offering them access to credit monitoring as well as general guidance on how to protect against identity theft and fraud.   Impacted individuals can learn more by contacting us at (833) 416-0845 (toll free), Monday through Friday, 9 am to 9 pm ET.

###

SOURCE Haven Behavioral Healthcare

Category: Breach IncidentsCommentaries and AnalysesHealth DataOf Note

Post navigation

← Utah Becomes the Second U.S. State to Establish Affirmative Defenses for Data Breach
Clothes retailer Fatface: Someone’s broken in and accessed your personal data, including partial card payment details… Don’t tell anyone →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Rewards for Justice offers $10M reward for info on RedLine developer or RedLine’s use by foreign governments
  • New evidence links long-running hacking group to Indian government
  • Zaporizhzhia Cyber ​​Police Exposes Hacker Who Caused Millions in Losses to Victims by Mining Cryptocurrency
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Google: Hackers target Salesforce accounts in data extortion attacks
  • The US Grid Attack Looming on the Horizon
  • US govt login portal could be one cyberattack away from collapse, say auditors
  • Two Men Sentenced to Prison for Aggravated Identity Theft and Computer Hacking Crimes
  • 100,000 UK taxpayer accounts hit in £47m phishing attack on HMRC
  • CISA Alert: Updated Guidance on Play Ransomware

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • How the FBI Sought a Warrant to Search Instagram of Columbia Student Protesters
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Malaysia enacts data sharing rules for public sector
  • U.S. Enacts Take It Down Act
  • 23andMe Bankruptcy Judge Ponders Trump Bill’s Injunction Impact
  • Hell No: The ODNI Wants to Make it Easier for the Government to Buy Your Data Without Warrant
  • US State Dept. says silence or anonymity on social media is suspicious

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.