On November 1, 2023, Bloom Health Centers, a mental health service provider in Timonium, Maryland, discovered suspicious activity in an email mailbox linked to the company. Immediate actions were taken to secure the mailbox and an investigation was launched with the help of a computer forensics firm to determine the extent of the incident.
Following the investigation, Bloom Health confirmed on December 6, 2023 that an employee’s mailbox may have been accessed without authorization. An independent team was then enlisted to review all data within the mailbox, which was completed on March 25, 2024. Efforts were made to locate current contact information for all individuals affected and formal notifications were completed by June 10, 2024.
The compromised information varied among individuals but may have included names, addresses, health insurance details, Medicaid/Medicare information, medical records such as diagnoses, prescriptions