American Addiction Centers is notifying more than 422,000 people that their personal information was stolen in a recent data breach.
The Brentwood, Tennessee-based organization provides inpatient and outpatient substance abuse treatment services through a network of rehabilitation facilities across multiple states. It employs over 2,700 people.
The incident was identified on September 26, but the attackers had access to the organization’s servers for at least several days prior and stole certain data during that time.
In late November, the organization informed the US Department of Health and Human Services that 410,747 individuals were affected by the attack.
On December 23, American Addiction Centers notified the Maine Attorney General’s Office that the attackers stole the personal information of 422,424 people, and that it has started sending written notification letters to all the affected individuals.
The exfiltrated information includes names, addresses, phone numbers, dates of birth, Social Security numbers, health insurance information, and medical record numbers or other identifiers.
“The affected information did not include your treatment information, or payment card data,” the notification letter, a copy of which was submitted to the Maine AGO, reads.
American Addiction Centers says it is not aware of any identity theft or fraud related to the use of the stolen information, but is providing the affected individuals with 12 months of free alerts on changes made to their credit files.
The organization has not shared specific details on the type of cyberattack it fell victim to, but the Rhysida ransomware gang claimed responsibility for the incident in mid-November, when it added American Addiction Centers to its Tor-based leak site.
The cybercrime group said it stole roughly 2.8 terabytes of data from the organization, and has made most of it available publicly, indicating that it failed to extort American Addiction Centers.