San Antonio-based Deer Oaks Behavioral Health issued a substitute notice on its website Oct. 31 informing its patients that it experienced a ransomware attack.
Deer Oaks first discovered that a segment of its computer systems had been subjected to unauthorized access and ransomware. The company then employed a specialized cyber forensics team to investigate the extent of the unauthorized activity, the statement said.
The team determined that the exposed information potentially included client names, addresses, dates of birth, Social Security numbers, diagnosis codes, insurance information and treatment service types. Deer Oaks sent out notification letters to the 171,871 patients affected Oct. 31.