US counseling and health services provider Equinox reports data breach

Equinox, a US counseling and health services provider, reportd a  data breach affecting current and former clients and staff.

The security incident was initially detected on April 29, 2024, when unusual activity was observed within their internal systems. The company initiated a forensic investigation that confirmed unauthorized access and potential exfiltration of sensitive data from their internal systems.

The breach is impacting data of current and former clients and staff members. Exposed data types include:

• Names
• Addresses
• Dates of birth
• Social Security numbers
• Passport numbers
• Driver's license/state ID numbers
• Financial account details
• Diagnoses
• Treatment information
• Health insurance details
• Medication-related records

The nature of the attack and the number of affected individuals has not been disclosed. The company states there is no evidence of data misuse at this time.

Equinox has notified affected individuals through official letters detailing the incident and recommended protective actions. The company has also reported the incident to various authorities, including the New York State Attorney General, the NY State Division of State Police, the NY State Department of Consumer Protection, and the Federal Office for Civil Rights.