In January 2021, CleanSlate Centers, LLC experienced a data breach involving unauthorized access to an employee's email account. The incident, reported by the Georgia Attorney General's Office on September 3, 2021, exposed highly sensitive personal information of individuals. Compromised data included names, health benefit subscriber numbers, credit card numbers, bank account numbers, account access codes/PINs, and Social Security Numbers. The breach posed significant risks such as identity theft, financial fraud, and unauthorized access to health-related accounts. The exact number of affected individuals remains undisclosed, amplifying concerns over the potential scale of the exposure. The breach underscores vulnerabilities in email security protocols and the critical need for robust safeguards to protect sensitive personal and financial data from cyber threats.
TPRM report: https://www.rankiteo.com/company/cleanslate-centers
"id": "cle222090125",
"linkid": "cleanslate-centers",
"type": "Breach",
"date": "1/2021",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Unknown',
'industry': 'Healthcare (Addiction Treatment)',
'location': 'Georgia, USA (and other states)',
'name': 'CleanSlate Centers, LLC',
'type': 'Healthcare Provider'}],
'attack_vector': 'Unauthorized Access (Email Account Compromise)',
'data_breach': {'data_exfiltration': 'Likely (unauthorized access to email)',
'file_types_exposed': ['Emails', 'Attachments (likely)'],
'number_of_records_exposed': 'Unknown',
'personally_identifiable_information': ['Names',
'Social Security '
'Numbers',
'Health Benefit '
'Subscriber Numbers',
'Credit Card Numbers',
'Bank Account Numbers',
'Account Access '
'Codes/PINs'],
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personally Identifiable '
'Information (PII)',
'Protected Health Information '
'(PHI)',
'Financial Information']},
'date_detected': '2021-01',
'date_publicly_disclosed': '2021-09-03',
'description': "The Georgia Attorney General's Office reported a data breach "
'involving CleanSlate Centers, LLC on September 3, 2021. The '
'breach occurred in January 2021, involving unauthorized '
"access to an employee's email account that potentially "
'exposed personal information of individuals, including names, '
'health benefit subscriber numbers, credit card numbers, bank '
'account numbers, account access codes/PINs, and Social '
'Security Numbers. The number of affected individuals is '
'currently unknown.',
'impact': {'data_compromised': ['Names',
'Health Benefit Subscriber Numbers',
'Credit Card Numbers',
'Bank Account Numbers',
'Account Access Codes/PINs',
'Social Security Numbers'],
'identity_theft_risk': 'High (PII and financial data exposed)',
'payment_information_risk': 'High (Credit card and bank account '
'numbers exposed)',
'systems_affected': ['Employee Email Account']},
'initial_access_broker': {'entry_point': 'Employee Email Account',
'high_value_targets': ['PII',
'Financial Data',
'PHI']},
'investigation_status': 'Disclosed; number of affected individuals unknown',
'references': [{'date_accessed': '2021-09-03',
'source': "Georgia Attorney General's Office"}],
'regulatory_compliance': {'regulations_violated': ['Potential HIPAA (Health '
'Insurance Portability and '
'Accountability Act) '
'violations',
'State data breach '
'notification laws (e.g., '
'Georgia)'],
'regulatory_notifications': ['Georgia Attorney '
"General's Office"]},
'response': {'communication_strategy': 'Public disclosure via Georgia '
"Attorney General's Office"},
'title': 'CleanSlate Centers, LLC Data Breach (2021)',
'type': 'Data Breach'}