Southwest Behavioral & Health Services Data Breach Investigation
According to a public notice, Southwest Behavioral & Health Services identified suspicious activity in its email environment on April 1, 2026, and later determined that an unauthorized actor accessed certain information in six employee email accounts. The company says it completed its review on April 30, 2026, and began notifying impacted individuals on May 27, 2026. The notice does not publicly specify the exact types of information that may have been involved, but SB&H says it is offering complimentary credit monitoring and identity protection services. If you received a notice, review your options carefully and fill out the form on this page to see whether you may qualify for a claim.
Southwest Behavioral & Health Services is an Arizona healthcare provider. Based on the organization's public notice, it reported an email-related security incident and later notified affected individuals. If you received a letter from SB&H, the summary below explains what has been disclosed and what steps may help protect you.
Key Facts at a Glance
- Organization: Southwest Behavioral & Health Services
- Industry: Healthcare
- Incident identified: According to the notice, suspicious activity in the email environment was identified on April 1, 2026.
- Reported scope: The notice says an unauthorized actor gained access to certain information in six employee email accounts.
- Review completed: SB&H says its review of potentially impacted email data was completed on April 30, 2026.
- Notice date: The public notice is dated May 27, 2026.
- Public regulatory listing: Structured regulatory data associated with this incident indicates a state attorney general public listing date of May 20, 2027.
- Information involved: The public notice does not specify the exact data elements that may have been present in the affected accounts.
- Affected individuals: Not publicly stated; the notice says individuals whose information was impacted were notified.
- Support offered: SB&H says it is offering complimentary credit monitoring and identity protection services.
- Assistance line: (833) 918-4489, Monday through Friday, 8 a.m. to 8 p.m. Central, excluding major U.S. holidays.
What Happened?
According to Southwest Behavioral & Health Services' notice, the organization identified suspicious activity within its email environment and says it responded immediately to secure systems and investigate the scope of the issue.
The notice states that the investigation determined an unauthorized actor gained access to certain information in six employee email accounts. SB&H also says it conducted a review of the potentially affected email contents to determine what information was present and which people were involved.
That review reportedly finished on April 30, 2026. The company says it notified impacted individuals in compliance with state and federal law, implemented additional technical safeguards, and had no evidence of actual or attempted misuse at the time of the notice.
What Information Was Exposed?
The public notice does not identify the specific personal, financial, or health-related data elements that may have been contained in the affected email accounts. In other words, the notice confirms reported access to certain information, but it does not publicly spell out exactly what information was involved for each person.
If you received a letter from SB&H, that notice is the best source for details about your own situation. Because this is a healthcare organization, it is also wise to watch for unusual activity involving medical accounts, insurance explanations of benefits, billing statements, and credit reports.
What Should You Do Next?
- Read the notice carefully. Check whether SB&H identified you as affected and whether the letter describes any specific information tied to you.
- Enroll in any free protection offered. If complimentary credit monitoring or identity protection was offered, note the enrollment deadline and keep your confirmation records.
- Monitor financial and healthcare activity. Review bank and card statements, credit reports, medical bills, and explanation-of-benefits forms for charges or services you do not recognize.
- Consider a fraud alert or credit freeze. A credit freeze can make it harder for identity thieves to open new accounts in your name. The notice also directs individuals to the major credit bureaus and the FTC for identity-theft guidance.
- Keep documentation. Save the letter, screenshots, claim numbers, and notes about any suspicious activity. Good records can be helpful if problems appear later.
- Ask questions and get help. You can contact SB&H's dedicated assistance line at (833) 918-4489. If you want to understand your legal options, you can also fill out the form on this page to see whether you may qualify for a claim.
Your Legal Rights
If your personal information may have been involved in a reported data incident, you may have rights under state and federal law. Those rights can include receiving notice, using any protective services that were offered, and asking for more information about what happened.
In some situations, affected individuals may also be able to pursue claims related to inadequate data security, delayed notice, or losses and time spent responding to identity-related risks. Whether any claim exists depends on the facts, the type of information involved, and the laws that apply. Because deadlines can matter, it is smart to keep your notice and ask questions sooner rather than later.
Why Hire Strauss Borrelli PLLC?
Strauss Borrelli PLLC focuses on data breach and privacy incident matters and has experience helping people understand reported cyber incidents affecting healthcare providers and other organizations. Our team can review the facts that have been disclosed, explain the next steps in plain English, and help you assess whether you may have a claim.
If you received a Southwest Behavioral & Health Services notice or are concerned your information may have been involved, Strauss Borrelli PLLC can help you understand your options without having to sort through the public filings alone.
If you received a breach notification letter from Southwest Behavioral & Health Services:
We would like to speak with you about your rights and potential legal remedies in response to this data breach. Please fill out the form, below, or contact us at 872.263.1100 or sam@straussborrelli.com.
