Cyber Incident Victim: Brandywine Counseling and Community Services

On February 10, 2020, Brandywine Counseling and Community Services, Inc. identified a ransomware infection affecting some of its servers. The organization responded by immediately securing its network, contacting law enforcement, initiating an internal investigation, and engaging a computer forensic firm to assist. The investigation confirmed that unauthorized actors acquired a limited amount of personal and clinical data during the incident. Compromised information included client names, addresses, dates of birth, and clinical details such as provider names, diagnoses, prescriptions, and treatment information. For some individuals, exposed data extended to health insurance information, Social Security numbers, and driver’s license numbers. The breach did not impact all clients, only those whose specific data was accessed during the ransomware event. Forensic analysis did not publicly identify the ransomware variant or the attackers’ entry method. No evidence suggested data misuse at the time of notification, though the potential risk to affected individuals prompted remedial actions.

Brandywine Counseling began mailing notification letters to impacted clients by April 20, 2020, and established a dedicated toll-free call center operational on weekdays from 9:00 a.m. to 6:30 p.m. Eastern Time. The organization offered complimentary credit monitoring and identity protection services to individuals whose Social Security numbers or driver’s license numbers were involved. Clients were advised to review insurance and medical statements for unauthorized charges and to contact providers with discrepancies. The organization reiterated its commitment to enhancing security processes through system reviews and implementing additional protective measures. Law enforcement involvement remained ongoing, but no public updates regarding threat actor attribution or ransom demands were disclosed in the available notification.