Cyber Incident Victim: Centerstone

The Centerstone data breach occurred between December 12 and December 16, 2019, involving unauthorized access to employee email accounts at Centerstone of Tennessee, Inc., a provider of mental health and substance abuse services. The incident was detected when an employee observed unusual activity within their email account, prompting Centerstone to initiate an investigation. The organization engaged an independent computer forensics firm to analyze the security event, though the exact date of initial detection remains undisclosed. Forensic analysis confirmed that unauthorized parties accessed or acquired personal information belonging to current and former patients and employees during the four-day compromise window. Centerstone did not publicly specify the number of affected individuals or characterize the threat actors responsible for the intrusion.

Centerstone completed its forensic review by August 25, 2020, nearly eight months after the incident, when it determined which compromised email accounts contained sensitive data. The delayed timeline between the December 2019 breach and the August 2020 assessment completion was not explained in public statements. Notification letters were subsequently issued to impacted patients and employees, disclosing that exposed information may have included personally identifiable details, though specific data elements were not enumerated. The organization published a breach notice on its website and coordinated with external media outlets to disseminate information about the incident by October 2020. No operational disruptions or ransomware events were reported in connection with the email account compromise.