The following information is a continuation of the initial announcement we had posted on the website for 6 months after reporting and beginning the data breach investigation.
PLEASE CONTACT US IMMEDIATELY IF YOU OR SOMEONE YOU KNOW MAY HAVE CONTACTED ONE OF THESE ACCOUNTS AND DID NOT SPEAK WITH BET SHADDINGER, SANDRA NOVAK, OR JACK FLETCHNER. IF YOU FEEL YOU MAY HAVE SPOKE TO SOMEONE WHO PRETENDED TO BE ONE OF THE NAMES MENTIONED ABOVE, PLEASE ALSO FEEL FREE TO CONTACT US SO WE CAN ENSURE THAT YOU WERE NOT VICTIMIZED BY CONTACTING THESE COMPROMISED ACCOUNTS.
IF YOU WERE A CLIENT OR POTENTIAL CLIENT WHO CONTACTED US BY ANY OF THE FOLLOWING WAYS PLEASE CONTACT US SO WE CAN HELP SEE IF YOUR INFORMATION WAS A PART OF THIS DATA BREACH:
IF YOU CONTACTED AFTER 04/04/2016 BY ANY OF THE FOLLOWING WEBSITES:
RISERECOVERY.CO EMAIL ADDRESS
WHILE THE INTELLECTUAL PROPERTY, LOGO, SERVICES, STAFF, AND CONTACT INFORMATION WAS ACCURATE, THE GODADDY ACCOUNT WAS BEING FRAUDULENTLY USED WITHOUT MY KNOWLEDGE OR CONSENT. AS OF NOW WE KNOW THAT IT WAS USED TO REDIRECT ANY CONTACT THROUGH THE WEBSITE, EMAIL, AND ALSO THE PHONE NUMBER. THROUGH PSYCHOLOGY TODAY, IT WAS CONFIRMED THAT APPROXIMATELY 200 PLUS CALLS AND 75 PLUS EMAILS THROUGH THEIR SITE WERE REROUTED TO an unauthorized individual who has yet to be identified.
The emails that were compromised were:
any email that was
Phone calls were redirected from the number 754-307-5404.
743-206-0679, 609-287-5673, 609-287-5673, 609-626-4210- 954-949-7081, and 609-941-6286 are all phone numbers that the accounts had been considered as fraud because there were fraudulent services on the accounts and/or they were included as a contact number on our old fax number 954-994-1033 which was also considered a compromised and fraudulent account.
were all numbers that I had attempted to use instead of the business number above, however, it was recently brought to my attention that these accounts were also victimized by cyber related crimes and unauthorized purchases and changes to these accounts were made without my knowledge or consent.**
Fax number 954-994=1033 was considered a compromised account and was reported as fraudulent. Because of this, please contact us if you sent a fax to this number and are concerned about the information being securely received either from RISE or to RISE.
any faxes sent to any other number than the new 1-800-723-9788 may potentially be compromised as we did notice some outdated fax information on old websites or marketing sites.
STEPS WE HAVE TAKEN SO FAR TO INVESTIGATE THE BREACH, MITIGATE THE HARM, PREVENT FURTHER BREACHES, AS WELL AS CONTACT INDIVIDUALS IMPACTED PERSONALLY UPON BEING ABLE TO VERIFY IF/AND THE EXTENT OF THE INFORMATION BREACHED.
1. RISE is fully cooperating with several active open investigations with law enforcement.
2. RISE has taken the steps to Secure, Update, Cancel, and/or Change all known accounts that were compromised.
3. Opened new and secure account with HIPPA secure web hosting for our website (including providing secure HIPPA compliant emails with the website hosting package). The new website is www.rise-therapeuticservices.com is the only website that is a direct link to our personal staff and domain. It includes all of our updated and secure contact information .
4. Changed our contact information and created new accounts to ensure all PHI would be secure moving forward.
5. Hired help to secure our accounts and taken the much appreciated guidance of the investigators helping us.
6. Hired help in order to be in compliance with HIPPA to prevent any further potential DATA breaches.
7. Provided all information and documentation to the investigators helping with this breach.
8. Helping to identify and notify the potential victims resulting from this unfortunate breach that we never directly had contact with due to the nature of this specific breach.
9. Updated our staff with HIPPA compliant training for all accounts with PHI, with specialized training for Cyber Security.
10. Updated Policies and Procedures that were created, provided for approval in the HIPPA investigation, to increase security for staff and clients.
11. Actively cooperated with all recommendations from the HIPPA investigation and had staff take part in additional training they provided that will help us to prevent similar issues in the future.
12. Worked collaboratively with our legal representation that helped us to have our devices analyzed to see what/if any PHI was obtained from these Cyber related crimes, created new policies and procedures and made the changes needed to implement these new updated policies and procedures. Additionally, we followed all of there recommendations as they specialize in HIPPA compliance.
12. Had hired several IT and Cyber Security Companies (separate from the ones hired by our legal team) to secure our accounts and see if any PHI had been obtained from these accounts.
13. We will be notifying individuals personally as we become aware of any further extent of the data breached.
10. PLEASE CHECK OUT OUR BLOG PAGE TO SEE MARKETING MATERIALS THAT WERE PRODUCED BY THE RECOVERY INSTITUTE OF THE SOUTH EAST, P.A, BUT THE CONTACT INFORMATION (INCLUDED ABOVE) WAS POTENTIALLY BEING REROUTED OR COMPROMISED.
11. We have relocated our office to space that prioritizes security and eliminates some of the unfortunate issues due to lack of resources at our former location. Besides a more secure office, we have taken the steps to ensure this office is compliant with HIPPA as well as been checked for any potential issues before we moved into the space. Besides being in a more secure building and location, it also has amazing surroundings so that our clients can enjoy being outside in nature either before or even during the session if requested and appropriate.
Again, I apologize for any inconvenience and will do my best to help take responsibility and prevent any further harm to anyone impacted. Please feel free to contact us with any questions or concerns at 1-800-723-9788.
Most of this was copied from the original page, however, there were a few updated compromised accounts added to the phone numbers, emails, and fax number. We also added some of the extra steps taken to ensure no further data was breached and also to prevent these types of crimes from happening again.
If we find out any further information we will post it to our news section/blog page and share it on our social media accounts.
WE DO HAVE A YOUTUBE ACCOUNT THAT IS ASSOCIATED WITH GOOGLE. WE LINKED IT TO OUT SECURE HOSTING AND WILL BE USING IT FOR THE VIDEOS AND YOUTUBE ACCOUNT ONLY. THE GMAIL ACCOUNT ASSOCIATED WITH IT WILL NOT BE USED AS A WAY TO CONTACT US UNLESS SPECIFICALLY STATED ON THE YOUTUBE ACCOUNT. THE ACCOUNT IS UNDER MY NAME (BET SHADDINGER) AND IT IS LINKED TO OUR WEB HOSTING AT VIDEOS@RISE-THERAPEUTICSERVICES.COM
THANKS AGAIN TO EVERYONE WHO HELPED US OUT DURING THIS STRESSFUL TIME. WE ARE EXCITED TO MOVE FORWARD AND BEGIN BUILDING OUR NEW AND BETTER BUSINESS.
WHICH We would like to thank NueMd.com for providing us with the link to the important information titled, "HIPPA, WE HAVE A PROBLEM!"
THIS IS AN OFFICIAL HIPPA DATA BREACH NOTIFICATION:
I, Bet Shaddinger, am the sole owner of The Recovery Institute of the South East, P.A. since 4/4/2016. Our business WAS located at 700 E. Atlantic Blvd. Suite 200 in Pompano Beach, Fl. 33060. I need to inform the public that it has been confirmed that I have have been victimized by both personal and professional identity theft mainly through cyberstalking and cybercrime related issues. Unfortunately, this crime does not just impact me, but it potentially impacts any past, current, or even potential clients who attempted to contact me professionally through a number of compromised accounts. Please know that I am publicly acknowledging this for the sole purpose of taking responsibility and helping to identify any other potential Victims of this Data Breach that were potentially victimized through my personal and professional accounts that have been compromised.
This notification is a public announcement and acknowledgment of a DATA BREACH that includes PERSONAL HEALTH INFORMATION. We received confirmation that there was a DATA BREACH on 10/18/17 when we were notified by The Office of Civil Rights that the complaint WE filed was a violation of the HIPPA Privacy/Security Rule.
Upon receiving confirmation of this DATA Breach, RISE has taken the steps listed below. Due to the unique circumstances of this Data Breach it is essential we notify the public so that any potential victims can contact us as we are happy to help any impacted individuals take the steps they need to in order to protect themselves from potential harm.
Contact us by phone at: 1-800-723-9788 ext. 1 at this toll free number for any questions or inquiries.
WE ARE HAPPY TO ANNOUNCE THAT WE ARE WRAPPING UP OUR INVESTIGATION AND AWAITING THE FINALIZED ANALYSIS OF THE DEVICES FROM AN IT COMPANY WE HIRED TO HAVE OUR DEVICES CHECKED FOR PHI THAT WOULD HAVE BEEN OBTAINED FROM THE CYBER RELATED CRIMES AND IDENTITY THEFT THAT WAS TARGETING ME (THE OWNER BET SHADDINGER).
WE WILL MAKE A FULL ANNOUNCEMENT ONCE FINALIZING THE INVESTIGATION WHICH SHOULD BE WITHIN THE NEXT WEEK OR TWO.
UPDATE; With the Data Breach Investigation wrapping up, it seems at this time that the information taken from the Cyber-Related Crimes targeting me (Bet Shaddinger, sole owner), my businesses, and my account information, was used to commit personal and professional identity fraud targeting my personal and professional accounts for either fraud or cyberstalking related issues. This determination was made after contacting,closing, and/or changing each compromised account, obtaining new and secure devices, receiving additional training for Cyber Security and HIPPA compliant training specializing in securing PHI on devices and accounts that have any potentially confidential information that would compromise the confidential and privacy of our client's information, and updating our policies and procedures for both staff and clients to ensure that our clients safety and privacy is our first priority. Additionally, after several different forensic and IT evaluations of the devices and accounts compromised, they determined there was no evidence to support that these cyber-related crimes had access to or obtained any PHI from our past and current clients. Since we have no way to tell at this time if potential clients contacting RISE for services have been victimized, we feel it is important to keep this on our blog page and will be included in a summary in our first upcoming newsletter. Sign up for our email list today to get a copy sent to your email with this information and other relevant information about our services, community resources, community issues and struggles, as well as informational and educational information to better your mental health and wellness.
The next blog post will be a complete list of the accounts compromised in case you or someone you know attempted to contact our staff and were redirected to someone using our information for unknown reasons. Please contact us on our 1-800-723-9788 phone number for any questions you may have regarding this or the following blog post.
Lastly, I wanted to thank our amazing clients who supported us during this difficult time as we transitioned relocated to ensure a safer, new and improved business, that can better meet the needs of our clients.
Sign up today for this free community event!!! we are excited to be a part of it and hope to see you there!
The following images are marketing materials that the owner Bet Shaddinger handed out at different community events. Unbeknownst to her, the contact information she had listed had been compromised. In the 4 pictures above ALL CONTACT INFORMATION, INCLUDING, ALL PHONE NUMBERS, ALL EMAILS, AND THE WEBSITE HAD BEEN COMPROMISED BEFORE SHE HAD MADE THE FLYERS AND BUSINESS CARDS.
1. OFFICE PHONE 754-307-5404 WAS HAVING CALLS REROUTED TO AN UNIDENTIFIED SOURCE AT THIS TIME
2. BUSINESS CELL WAS ALSO HAVING CALLS REROUTED TO AN UNIDENTIFIED SOURCE AT THIS TIME
3. WWW.RISETRAUMATHERAPY.COM - THIS WEBSITE INCLUDED THE INTELLECTUAL PROPERTY OF THE RECOVERY INSTITUTE OF THE SOUTH EAST, P.A. (LOGO, SERVICES PROVIDED, CONTACT INFORMATION-PHONE-EMAIL-ETC) ALL WAS COMPROMISED DUE TO THE ACCOUNT BEING TAKEN OVER AND HAVING A C-PANEL HOSTING ADDED TO IT WITHOUT THE OWNERS KNOWLEDGE OR CONSENT. THE OWNER DID NOT PAY FOR THIS SERVICE OR KNEW THAT IT EXISTED.
4. BET@RISETRAUMATHERAPY.COM- BET SHADDINGER HAD NEVER RECEIVED ONE EMAIL ON THIS ACCOUNT AS IT WAS INCLUDED IN THE C-PANEL HOSTING THAT WAS ADDED TO HER WEBSITE WITHOUT HER KNOWLEDGE OR CONSENT. THEREFORE ANYTHING BOTH SENT TO THE BUSINESS THROUGH THE WEBSITE AND/OR CONTACT INFORMATION ASSOCIATED WITH THE ACCOUNT WAS OFTEN TIMES NOT EVEN RECEIVED BY THE OWNER.
5. RISERECOVERY.INFO@GMAIL.COM - THIS EMAIL WAS COMPROMISED AND ALSO BEING REROUTED. THE OWNER IS NOW GETTING BACK SOME OF THE REROUTED EMAILS SHE NEVER HAD ACCESS TO.
WE WILL KEEP UPDATING YOU AS WE KNOW MORE!
We have been updating all of our accounts and have linked our updated Facebook and Twitter accounts because we are excited to start blogging soon!