Mental health provider Metrocare Services reports data breach affecting 8,600 clients

Metrocare Services, Dallas County's largest mental health service provider, reports a data breach incident that exposed sensitive patient information belonging to approximately 8,600 clients.

On September 9, 2024, when a Metrocare employee sent an encrypted email from their work account to their personal email address. This email was subsequently shared on an unauthorized network. The organization discovered the breach on October 3, 2024, and launched an investigation. The compromised data includes:

• First and last names
• Medical record numbers
• Appointment times and schedules
• Doctors' and practitioners' names
• Dates, durations, and costs of services provided

According to Metrocare's investigation, there is no evidence that the personal health information was used in any way by anyone other than the employee who originally had access to the data. The organization claims that no third-party accessed any of the compromised information.