A misconfigured AWS s3 storage bucket reportedly exposed roughly 93,000 billing files that contain information on patients of three drug and alcohol addiction facilities operated by San Juan Capistrano, California-based Sunshine Behavioral Health, LLC.

Patients at SBH's Monarch Shores location in San Juan Capistrano; Chapters Capistrano facility in San Clemente, Calif.; and Willow Springs Recovery center in Bastrop, Texas, had their data left open and accessible, reported DataBreaches.net today in a blog post. Although 93,000 files (in some cases templates or test data) were found out in the open, an undetermined smaller number patients were affected, as patients typically had multiple files associated with them.

Exposed data in some cases consists of names, birth dates, physical and email addresses, phone numbers, full payment card numbers with partial expiration dates and a full CVV code and health insurance information, including membership and account numbers, insurance benefits statements and amounts due and paid.

Please register to continue.

Already registered? Log in.

Once you register, you'll receive:

  • News analysis

    The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.

  • Archives

    Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.

  • Daily Newswire

    SC Media’s essential morning briefing for cybersecurity professionals.

  • Learning Express

    One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.