Turke & Strauss LLP, a leading data breach law firm, is investigating Cerebral, Inc. regarding its recent data breach. The Cerebral data breach involved protected health information belonging to more than 3.1 million individuals.
ABOUT CEREBRAL, INC.:
Cerebral is a mental health software application that aims to connect subscribers to therapists and medical prescribers for a range of behavioral and mental health disorders. Founded in 2019, Cerebral has expanded from a small startup of five individuals to a national telehealth corporation with over 4,000 employees. Today, Cerebral offers subscribers access to therapists, psychologists, and medication for a variety of disorders, including anxiety, depression, insomnia, bipolar disorder, post-traumatic stress disorder, alcohol dependence, and more. Additionally, Cerebral is capable of prescribing everything from common SSRI medications for depression and anxiety to aversive agents, like disulfiram, for dependence issues. Furthermore, Cerebral promotes therapies beyond medication such as mindfulness and cognitive behavioral therapy. Headquartered in Walnut, California, Cerebral offers services in all 50 U.S. states, including Washington, D.C.
WHAT HAPPENED?
On March 1, 2023, Cerebral reported a data breach impacting more than 3,170,000 people to the U.S. Department of Health and Human Services Offices of Civil Rights. The data breach involved the protected health information of users who may have used Cerebral’s platform as far back as October 12, 2019. Cerebral disclosed that an online information tracking pixel installed on its website collected and transmitted this protected health information to the third parties providing the pixel technology, including Meta (Facebook) and Google. The type of information impacted includes:
- Name
- Contact information (e.g., phone number, email address)
- Address
- Health insurance information (e.g., plan name, group or member number)
- Date of birth
- IP address
- Client ID number
- Demographic information
- Mental health self-assessment survey answers
- Medical information (e.g., treatment information)
If you are a current or former patient of Cerebral:
We would like to speak with you about your rights and potential legal remedies in response to this data breach. Please fill out the form, below, or contact us at (608) 237-1775 or sam@turkestrauss.com.
If you were impacted by the Cerebral data breach, you may consider taking the following steps to protect your personal information.
- Carefully review the breach notice and retain a copy;
- Enroll in any free credit monitoring services provided by Cerebral, Inc.;
- Change passwords and security questions for online accounts;
- Regularly review account statements for signs of fraud or unauthorized activity;
- Monitor credit reports for signs of identity theft; and
- Contact a credit bureau(s) to request a temporary fraud alert.
LINKS
[1] https://cerebral.com/static/hippa_privacy_breach-4000c6eb21449c2ecd8bd13706750cc2.pdf
[2] https://oag.ca.gov/system/files/FINAL%20BREACH%20NOTIFICATION%20LETTER%203.1.2023.pdf
[3] https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf
[4] https://www.theverge.com/2023/3/11/23635518/cerebral-patient-data-meta-tiktok-google-pixel