The Richmond Behavioral Health Authority (RBHA) has disclosed a massive data breach affecting 113,000 individuals. Threat actors deployed ransomware and exfiltrated sensitive data including names, Social Security numbers, and personal health information (PHI).
Business Impact
Beyond the immediate operational disruption of mental health services, RBHA faces severe regulatory fines under HIPAA and significant reputational damage. The stolen PHI is high-value on the dark web, leading to long-term identity theft risks for vulnerable populations.
Why It Happened
The breach followed a ransomware attack where initial access was likely gained through compromised credentials. The attackers were able to move laterally and access unencrypted databases containing legacy patient records.
Recommended Executive Action
Healthcare organizations must enforce encryption for data-at-rest across all PHI repositories, including backups. Review incident response plans for “data-first” recovery to prioritize the containment of exfiltration over system restoration.
Hashtags: #HealthcareSecurity #DataBreach #HIPAA #PHI #Richmond #Ransomware #InfoSec #CyberAttack