Avon, Ind.-based Cummins Behavioral Health Systems has confirmed it was the recent victim of a ransomware attack.
The company discovered a ransom note within its IT environment that was placed by an unauthorized individual, according to a statement published to the system's website. This breach resulted in the unauthorized access of consumers' sensitive information.
"Cummins Behavioral Health Systems, Inc. understands the inconvenience or concern that this matter may cause and remains dedicated to ensuring the privacy and security of information within its control," the statement reads.
Information affected could include names, addresses, dates of birth, driver's license or state ID numbers, Social Security numbers, financial account information, payment card information, usernames and passwords, passport information, biometric information, health insurance information, and medical information.
Cummins sent letters informing potentially affected patients of the attack Aug. 11.