A Maryland senior living community announced Tuesday that it was the victim of a data breach in February involving the personal and protected health information of employees.
Blakehurst, a Chestnut Partnership life plan community in Towson, MD, indicated in the Dec. 6 announcement that it had notified potentially affected people and would provide credit monitoring resources.
“The privacy and protection of personal health information is the top priority for Blakehurst,” the notice read. “We deeply regret any inconvenience or concern this incident caused.”
The notice stated that on Feb. 7, Blakehurst became aware of “unusual activity in its email environment.” The community said that it took immediate steps to secure its information and hired a cybersecurity firm to assist with an investigation to determine what information was affected.
In August, that investigation revealed that some employee email accounts had been accessed without authorization. The company hired a vendor to complete a comprehensive review of the affected data, which revealed that certain personal and protected health information — including names, birth dates, Social Security numbers, driver’s license information, financial account numbers and access information, medical information, and/or health insurance information — may have been accessed.
Blakehurst stated in its notice that it is not aware of any misuse of this information but notified potentially affected individuals this week. The company also provided information about steps that individuals could take to protect personal information and offered complimentary credit monitoring and identity theft restoration services.
Blakehurst also established a toll-free call center to answer questions about the incident.
Senior living providers were among the victims of the NetWalker hacker ring earlier this year that extorted at least $27.6 million from dozens of businesses — healthcare providers, including senior living providers, as well as law enforcement and educational institutions all over the world.
Among other recent security breach victims, an assisted living community was affected by Karakurt ransomware group’s campaign this summer. It has attacked more than 16 healthcare providers since early 2021.