El Centro Del Barrio, which does business as CentroMed, recently faced a data breach impacting approximately 400,000 individuals.
What happened
The non-profit recently provided notice of a data breach impacting 400,000 individuals. The breach was reported to the HHS on May 17th, 2024.
CentroMed was founded in 1971 and is a product of the National Institutes of Mental Health and an Our Lady of the Lake University project aiming to increase the number of Mexican-American social workers providing culturally competent services in San Antonio.
Since then, the practice has expanded to meet the community's needs, serving vulnerable and underprivileged members with medical, dental, and behavioral healthcare.
Going deeper
According to the notice, CentroMed became aware of the breach on May 1st, 2024, when the organization detected unusual activity in their IT network. Upon discovery, the service provider immediately launched an investigation and took steps to secure their systems.
The investigation determined that an unauthorized party accessed the network on April 30th, 2024, and may have accessed or acquired files related to current and former patients.
The information involved included names, addresses, dates of birth, Social Security numbers, financial account information, medical record numbers, health insurance information, diagnosis and treatment information, and claims data.
Once the investigation concluded, CentroMed began providing notice to impacted individuals and established a call center. The organization said they “take this incident very seriously and sincerely regret any concern this may cause.” CentroMed plans to implement additional safeguards and security measures to prevent future breaches from occurring.
Why it matters
This isn’t the first breach CentroMed has faced. Back in June 2023, CentroMed faced a breach impacting approximately 350,000 individuals. This breach was discovered on June 12th, 2023, and was similarly caused by a malicious actor infiltrating the organization’s IT network.
Data breaches at any healthcare organization can be troubling, but when a non-profit organization, especially one committed to serving underprivileged populations, faces a breach, it can have long-lasting impacts.
Organizations like these may have more difficulty financially recovering. Some of the populations, like those experiencing homelessness, may also be difficult to notify.
The big picture
Two breaches occurring less than a year apart shows the importance of consistent data security. Every organization has an obligation to keep up with evolving trends and tactics that could make data vulnerable.
Unfortunately, attacks are becoming increasingly sophisticated, which is one of the many reasons it’s important to work with trusted companies for data security.
Paubox has never experienced a data breach and prides itself on intuitive, secure, and user-friendly security systems. With phishing and email breaches one of the most common vector attack methods, it’s imperative to remain as secure as possible.
Read more: HIPAA Compliant Email: The Definitive Guide
Abby Grifno
