Cyber Incident Victim: Beech Acres Parenting Center

Beech Acres Parenting Center experienced a security incident involving unauthorized access to employee email accounts containing sensitive client information. The organization determined that an attacker compromised these accounts during a period spanning from December 29 through March 18, though the specific year was not disclosed in available reporting. During this timeframe, the intruder obtained emails containing clients' personally identifiable information, including full names, dates of birth, and unique client account numbers used by the organization. The breached communications also contained treatment-related details such as specific dates of service and the full names of healthcare providers involved in client care. For certain affected individuals, the compromised emails additionally included sensitive health insurance policy information and Social Security numbers – data elements that heighten identity theft risks.

The organization discovered that private client information had been accessed through this email system breach, though the exact method of initial compromise remained unspecified in public disclosures. Beech Acres did not publicly quantify the total number of affected individuals or specify whether the breach impacted current clients, former clients, or both populations. As of December 29, 2020 – the date when external reporting first documented the incident – the parenting center had not yet initiated formal notification letters to those whose information was exposed. No information was available regarding whether the organization offered affected individuals credit monitoring services or other forms of remediation. The public disclosure did not specify whether law enforcement had been engaged to investigate the breach or whether regulatory bodies had been notified about the privacy incident.