EL PASO, Texas (KTSM) — A Las Cruces social-service organization is reporting a data breach that happened late last year.
The Aprendamos Intervention Team says it had a breach of “protected health information” that happened on Dec. 4, 2024, at its Las Cruces location.
“An internal investigation revealed that a former Aprendamos employee transferred electronic PHI to an external email account without authorization on their last day of employment,” Aprendamos said in a news release.
The incident affected the personal health information of 1,895 clients and 101 employees, primarily including names and dates of birth, the organization said.
“As a result, clients’ PHI may have been accessed or viewed by an unauthorized individual. Since
Aprendamos Intervention Team is subject to the HIPAA Privacy Rule, we are notifying the media of this breach as required under 45 CFR § 164.406. At this time, we have not received any indication that the compromised information has been accessed or misused by any other unauthorized party,” Aprendamos said.
The organization said it is “actively reaching out to all impacted clients,” and informing them of the incident, and providing guidance on protecting their information.
They are also conducting a “comprehensive review of our security protocols” to prevent future incidents and working with cybersecurity experts to improve their systems, they said.
Aprendamos is also offering credit monitoring services at no cost to eligible clients, they said.
Aprendamos clients with questions or concerns should contact a dedicated hotline at (575) 323-9705.
Read: Read More