On or about January 30, 2025, UNITED BACKCARE DBA Pacific Rehabilitation Centers (“Pacific Rehabilitation Centers”), reported a significant cybersecurity incident (the “Data Breach”) to the Washington State Attorney General’s Office. The Data Breach occurred when an unauthorized actor gained access to Pacific Rehabilitation Center’s computer systems on December 30, 2024. Pacific Rehabilitation Center initiated security measures and took servers offline to protect stored data. At least 18,600 people were affected by the Data Breach.
Established in 1984, Pacific Rehabilitation Centers provides return-to-work services in the State of Washington.
Pacific Rehabilitation Centers sent data breach notification letters to those affected and offered information on placing a free fraud alert on one’s credit file. If you received a Data Breach notification letter from Pacific Rehabilitation Centers, it confirms that your information was potentially impacted.
What information is involved in the UNITED BACKCARE DBA Pacific Rehabilitation Centers (“Pacific Rehabilitation Centers”) Data Breach?
Compromised information may include:
Name
Social Security Number
Driver’s License or State ID Card Number
Financial and Banking Information
Date of Birth
Unique Private Key (e.g. used to authenticate or sign an electronic record)
Passport Number
Health Insurance Policy or ID Number
Medical Information
Your Personally Identifiable Information (PII) includes details that can be used to identify you. It plays a key role in defining your identity. Organizations are legally obligated to safeguard this data, and failure to do so can result in statutory fines and other legal consequences. If PII is stolen, it may be exploited by criminals to commit identity fraud.
A specific category of PII is Protected Health Information (PHI), which pertains to personal medical data. PHI is safeguarded under both federal and state regulations. Entities such as healthcare providers and businesses that manage PHI must ensure its security. Just like PII, compromised PHI can be misused by identity thieves, and it’s common for cybercriminals to use both types of information together.
If your data has been exposed in a breach, one of the most effective steps you can take is to enroll in credit and identity monitoring services promptly.
If you received a NOTICE OF DATA BREACH letter from Pacific Rehabilitation Centers, your personal, financial, and/or medical information may be at risk. This type of data can be exploited by identity thieves to commit fraud and other crimes.