Columbia River Mental Health Services Reports Data Breach Following Year-Long Period of Unauthorized Access | Console and Associates, PC

On October 4, 2022, Columbia River Mental Health Services filed an official notice of a data breach with the Maine Attorney General’s Office after the company learned that hackers had access to several employee email accounts for more than a year. According to CRMHS, the breach resulted in the following information being compromised: names, addresses, social security numbers, driver’s license numbers, financial account information, medical information, health insurance information, usernames and passwords, and dates of birth.

To help those impacted by the incident understand the risks of a data breach, CRMHS recently began sending out data breach letters, informing victims of the incident and what they can do to protect themselves from identity theft and other frauds. Additionally, victims of the breach may be eligible for financial compensation if it turns out that CRMHS was negligent in maintaining their information.

What We Know About the Columbia River Mental Health Services Data Breach

The available information regarding the Columbia River Mental Health Services breach comes from the company’s filing with the Montana Attorney General’s Office. According to this source, CRMHS recently detected suspicious activity within several employee email accounts. In response, the company launched an internal investigation with the assistance of a third-party forensic firm to identify the nature and scope of the incident, as well as whether any employee or patient data was compromised.

The CRMHS investigation confirmed that an unauthorized party had indeed gained access to the affected email accounts on May 14, 2021, and that the unauthorized access lasted until April 8, 2022. The investigation also revealed that the emails and attachments which were accessible to the unauthorized parties included highly sensitive consumer information.

Upon discovering that sensitive consumer data was made available to an unauthorized party, Columbia River Mental Health Services began to review the affected files to determine what information was compromised and which consumers were impacted. While the breached information varies depending on the individual, it may include your name, address, Social Security number, driver’s license number, financial account information, medical information, health insurance information, username and password, and date of birth.

On October 4, 2022, Columbia River Mental Health Services sent out data breach letters to all individuals whose information was compromised as a result of the recent data security incident.

More Information About Columbia River Mental Health Services

Columbia River Mental Health Services is a healthcare provider based in Vancouver, Washington. The company provides a wide range of mental health services to adults and children, including adult outpatient services, child and family services and addiction treatment. Columbia River Mental Health Services employs more than 262 people and generates approximately $16 million in annual revenue.