Skip to main content

Redwood Coast Regional Center Data Breach Investigation

The Lyon Firm is investigating a newly reported data security incident involving the Redwood Coast Regional Center (RCRC) in California. Contact our data breach lawyers if you are contacted by RCRC to learn more about how to protect your data in the future and what can be recovered in the wake of this data theft event.

What Happened at Redwood Coast Regional Center?

On May 3, 2024, Redwood Coast Regional Center (RCRC) filed a notice of data breach with the U.S. Department of Health and Human Services Office for Civil Rights (HHS) after discovering “unauthorized activity” on its computer network.

In a notice posted on their website, RCRC explains that the data security incident resulted in the unauthorized party being able to possibly access sensitive patient information, which included the following:

  • Names
  • Addresses
  • Phone numbers
  • Email addresses
  • Dates of birth
  • Social Security Numbers
  • Driver’s license numbers
  • State ID numbers
  • Financial account information
  • Medical information
  • Health insurance information

According to sources, on March 6, 2024, RCRC detected unusual activity on its network and soon after engaged third-party data security specialists to investigate. After an initial investigation in the wake of the cyberattack, RCRC began sending out data breach notification letters to all individuals they believe to be impacted. It is unclear at the moment how many have had their data leaked, but it is critical to take action and respond when a data breach takes place.

More About RCRC

Redwood Coast Regional Center is a non-profit organization operating out of Ukiah, California. The health system provides intake, assessment, diagnosis, and coordinated community-based services for over 10,000 children and adults with developmental disabilities in Del Norte, Humboldt, Lake, and Mendocino counties.

If you have a data breach notification letter from RCRC, you should take immediate steps to help mitigate the damage from this incident. You should consider contacting an attorney to file a class action claim, which can not only compensate you for your losses, but will hold any negligent company accountable for potentially failing to build and maintain a reasonably secure IT network.

We believe any healthcare entity that collects and stores your personal data has a duty to protect it, and should they fail to hold up their end of the bargain, they may be legally responsible.