Brightline suffers data breach, potentially impacting 783K patients

Pediatric behavioral health provider Brightline was the victim of a data breach that could have affected up to 783,000 people.

The breach was detected Jan. 30 through Brightline’s vendor Fortra, according to a notice posted on the provider’s website. Fortra is the third-party provider of file transfers known as GoAnywhere MFT Software-as-a-Service.

According to the notice, Brightline was informed of the breach Feb. 4 and determined the incident was limited solely to the Fortra service and did not impact Brightline’s own network.

"As soon as we became aware of the incident, we took immediate action to investigate it by confirming Fortra deactivated the unauthorized user’s credentials, turned off the service and rebuilt our version so it was no longer vulnerable," Brightline said in a statement to patients.

Based on Brightline’s investigation, the provider determined that a limited amount of protected health information was impacted, including individuals’ names, addresses, dates of birth, member identification numbers, dates of health plan coverage and/or employer names.

In response to the incident, Brightline is offering impacted individuals two years of complimentary identity theft and credit monitoring services by Cyberscout.

View the complete list of impacted parties here.

Copyright © 2024 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.

 

Featured Whitepapers

Featured Webinars

Top 40 articles from the past 6 months