Wabi Sabi Behavioral Health Center Data Breach Exposes SSNs

Wabi Sabi Behavioral Health Center LLC, a behavioral and mental health clinic based in Hastings, Nebraska, has disclosed a data breach involving unauthorized access to employee payroll records.

On June 15, 2026, an unauthorized user gained access to the company's QuickBooks Online account through compromised credentials. The company discovered the incident on the same day after identifying unauthorized changes to payroll-related information.

After discovering the unauthorized access, the company secured the affected accounts and worked with Intuit to investigate the scope of the incident. The investigation confirmed that the unauthorized access has since been removed.

The company's investigation determined that the unauthorized user had access to payroll records and may have been able to view personal information contained in those records. The types of information exposed included names, addresses and Social Security numbers.

Wabi Sabi Behavioral Health Center began mailing notification letters to affected individuals on June 25, 2026. The incident was disclosed to the Nebraska Attorney General.

Wabi Sabi Behavioral Health Center's response to the breach

Wabi Sabi Behavioral Health Center is offering identity monitoring services at no cost to affected individuals for 12 months through Kroll.

Affected individuals can activate their identity monitoring services by visiting Kroll's enrollment page and entering the activation code and verification ID included in their notification letter. The deadline to enroll is Sept. 30, 2026.

Individuals with questions about the breach can call 402-460-0367, Monday through Friday from 8:00 a.m. to 5:00 p.m. Central Time, excluding major U.S. holidays.