Cyber Incident Victim: SalusCare

SalusCare, a Florida-based provider of substance abuse and mental health services, disclosed a cybersecurity incident impacting patient and employee data around March 16, 2021. The breach was publicly reported by NBC2, though SalusCare had not yet determined the attackers' method of access at the time of initial disclosure. No formal notice appeared on the organization's website as of March 24, 2021, when media coverage emerged. The compromise involved unauthorized access to an Amazon Web Services (AWS) storage bucket utilized by the attackers to host or exfiltrate stolen data. This storage infrastructure became central to subsequent investigative efforts, as SalusCare sought to identify the perpetrators and understand the full scope of compromised information.

In response to evidentiary challenges, SalusCare filed a lawsuit against Amazon on Wednesday, March 24, 2021, seeking court intervention to compel the cloud provider to disclose detailed information about the implicated storage bucket. A judge granted the organization's request the following day, Thursday, March 25, indicating judicial recognition of the urgency in investigating the breach. The legal action specifically targeted operational metadata and access logs associated with the AWS resource, which SalusCare required to trace attacker activities and identify potential security gaps. This litigation represented a direct organizational countermeasure to overcome investigative barriers in cloud environments, though the specific findings from Amazon's compelled disclosure remained undisclosed in available reports. The incident exposed sensitive healthcare and employment records, though precise numbers of affected individuals and detailed forensic conclusions were not publicly confirmed through the documented sources.