American Addiction Centers (AAC) has notified 422,424 individuals that their personal information was stolen in a cyber-attack attributed to the Rhysida criminal organization. The incident was discovered on September 26, 2024, and the notification letter to affected individuals confirmed that the information exfiltrated included names, Social Security numbers, and health insurance information. AAC is offering

American Addiction Centers Inc. faces a class action in the Middle District of Tennessee for allegations that it violated the Health Insurance Portability and Accountability Act (HIPAA) by failing to protect patient data from cyber criminals.

In September 2024, American Addiction Centers suffered a cyber-attack that led to the unauthorized access to sensitive personal information