Data Breach to Stanley Street Treatment and Resources Affects 45 Thousand People
Table of Contents
- By Steven
- Published: Dec 05, 2022
- Last Updated: Mar 30, 2025
Stanley Street Treatment and Resources, or SSTAR, is a healthcare and rehab provider with locations in Massachusetts and Rhode Island. It offers rehabilitation to drug and alcohol addicts, along with women’s health services, acupuncture, stabilization, and general health care. As a result of providing such services, the company placed itself in the spotlight for hackers and cyber attackers across the country - maybe even worldwide. The data companies like this one have practically unadulterated access to is incredibly sensitive and can sell for quite a lot on the dark web.
How Did the Attack Occur?
When people talk about cyber security incidents, the first thing we think about is hacker movies and TV series. While the main idea in people’s minds often conjures images of back system hacking, lime green coded firewalls, and teenagers huddled in their bedrooms, this is a hacking method that takes place far less often than most people think. Unfortunately for SSTAR, this was the way that the hacker accessed its systems. Fortunately, this sometimes leaves an avenue for investigators to track the hacker.
What Information Was Viewed or Stolen?
The hackers were able to access information that varied by victim. The hackers acquired the following data depending on the victim.
- Social security numbers
- Full names
- Birthdays
- Government IDs
- Dates of service
- Financial account information
- Diagnosis and medical condition information
- Health insurance information
- Treatment and medication details
The nature of the stolen data leaves many of SSTAR’s client base at incredibly high risk for identity theft and other life-altering crimes.
How Did SSTAR Admit to the Breach?
SSTAR admitted to the breach by sending a notification to the U.S. Department of Health and Human Services Office for Civil Rights. The notice included what data was affected, what steps the company was taking to deal with this breach, and what it did to attempt to prevent another one.
What Will Become of the Stolen Information?
The stolen information will likely be sold or used by the hacker. The hacker can efficiently sell the data on the dark web. While the details won’t sell for as much as many people think they do, a small amount of money, like a dollar for a social security number, times 45,000, will land the hacker with a neatly padded bank account. Many of these hackers know how to hide their bank accounts, so even if caught, they can often access the money after they’re released from prison.
What Should Affected Parties Do in the Aftermath of the Breach?
Too many people remain ignorant of the steps they can take to protect personal information before and after data breaches. Many people don’t take the simple, easy steps to educate themselves on cyber-attacks until after they’ve fallen victim to one, and sometimes not even then. If you or a loved one have been affected by this breach or any other, we recommend downloading one of several software titles and investing in credit monitoring. The software titles will scan your devices for possible issues, and the credit monitors will alert you to unauthorized usage of your PII.
