SECURITYWEEK NETWORK:

ICS:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Breaches

American Addiction Centers Data Breach Impacts 422,000 People

American Addiction Centers says the personal information of more than 422,000 people was stolen in a data breach.

American Addiction Centers is notifying more than 422,000 people that their personal information was stolen in a recent data breach.

The Brentwood, Tennessee-based organization provides inpatient and outpatient substance abuse treatment services through a network of rehabilitation facilities across multiple states. It employs over 2,700 people.

The incident was identified on September 26, but the attackers had access to the organization’s servers for at least several days prior and stole certain data during that time.

In late November, the organization informed the US Department of Health and Human Services that 410,747 individuals were affected by the attack.

On December 23, American Addiction Centers notified the Maine Attorney General’s Office that the attackers stole the personal information of 422,424 people, and that it has started sending written notification letters to all the affected individuals.

The exfiltrated information includes names, addresses, phone numbers, dates of birth, Social Security numbers, health insurance information, and medical record numbers or other identifiers.

Advertisement. Scroll to continue reading.

“The affected information did not include your treatment information, or payment card data,” the notification letter, a copy of which was submitted to the Maine AGO, reads.

American Addiction Centers says it is not aware of any identity theft or fraud related to the use of the stolen information, but is providing the affected individuals with 12 months of free alerts on changes made to their credit files.

The organization has not shared specific details on the type of cyberattack it fell victim to, but the Rhysida ransomware gang claimed responsibility for the incident in mid-November, when it added American Addiction Centers to its Tor-based leak site.

The cybercrime group said it stole roughly 2.8 terabytes of data from the organization, and has made most of it available publicly, indicating that it failed to extort American Addiction Centers.

Related: 5.6 Million Impacted by Ransomware Attack on Healthcare Giant Ascension

Related: Hacker Leaks Cisco Data

Related: Cruise Giant Carnival Says Customers Affected by Breach

Related: DigitalOcean Discloses Breach Involving Billing Information

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing for the latest cybersecurity threats, trends, and expert insights.

More from

Latest News

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Webinar: How Modern Breaches Bypass MFA and Evade Detection
June 17, 2026

Today’s attackers are no longer breaking in — they’re logging in. Join this live webinar as we break down the modern identity attack chain and examine how recent breaches exploited weaknesses in authentication, identity verification, and access management processes.

Register

Webinar: Modern Exposure Validation in the AI Era
June 24, 2026

AI has accelerated both sides of the fight. Adversaries are weaponizing vulnerabilities faster, while defenders are racing to ship detections and configurations. Join this live webinar as we explore how to prove your controls actually hold against new threats, map your security maturity, and unite breach simulation with automated pentesting into a single, coordinated program.

Register

People on the Move

Ann Barron-DiCamillo has been named Executive Vice President and Global Chief Information Security Officer at U.S. Bank.

Axonius has appointed Moshe Ben Simon as Chief Product Officer.

Stephen Garcia has been named Chief Information Security Officer at BreachRx.

More People On The Move

Expert Insights

Popular Topics

Security Community

Stay Intouch

About SecurityWeek

News Tips

Got a confidential news tip? We want to hear from you.

Submit Tip

Advertising

Reach a large audience of enterprise cybersecurity professionals

Contact Us

Daily Briefing Newsletter

Subscribe to the SecurityWeek Daily Briefing and get the latest content delivered to your inbox.

Copyright © 2026 SecurityWeek ®, a Wired Business Media Publication. All Rights Reserved.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.