Blakehurst

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

Blakehurst Data Breach Overview

Blakehurst, a senior living community located in Towson, Maryland, experienced a data security breach that was first identified on or around February 7, 2022. The breach involved unauthorized access to some employee email accounts, which contained personal and protected health information (PHI) of current and former employees, as well as individuals who received services from Blakehurst[1][2][3][4][6][7][8].

Information Compromised

The types of information that may have been accessed include:

  • Names

  • Dates of birth

  • Social Security numbers
  • Driver’s license numbers
  • Financial account numbers with access information
  • Medical information
  • Health insurance information[1][2][3][4][6][7][8]

Response to the Breach

Upon discovering the unusual activity, Blakehurst took immediate steps to secure its digital environment and engaged a leading cybersecurity firm to assist with an investigation. The investigation determined that the breach was limited to information transmitted by email and there was no evidence to suggest an impact on Blakehurst’s internal digital environment[6].

A comprehensive review of the potentially affected data was completed by August 4, 2022, and Blakehurst worked to obtain contact information to notify potentially affected individuals by September 20, 2022. Notifications to the individuals began on December 6, 2022[2][3][6].

Measures Taken

Blakehurst has offered complimentary credit monitoring and identity theft restoration services to those affected by the breach. The community has also established a toll-free call center to answer questions about the incident and has taken steps to enhance the security of its email environment to prevent similar incidents in the future[1][2][3][4][6][7][8].

Legal and Consumer Information

Affected individuals have been provided with information about steps they can take to protect their personal information. Under Massachusetts law, victims of identity theft have the right to obtain any police report filed in regard to the incident and to file a police report themselves[7].

Contact Information

For further assistance or questions about the incident, affected individuals can contact the dedicated assistance line at 888-557-5310, available Monday through Friday from 9:00 AM to 9:00 PM Eastern Time[2][6].

Conclusion

Blakehurst has expressed deep regret for any inconvenience or concern caused by the incident and has emphasized that the privacy and protection of personal and protected health information is a top priority for the community[1][2][8].

Citations:

  1. https://www.mcknightsseniorliving.com/home/news/maryland-senior-living-community-announces-data-security-breach/
  2. https://www.prnewswire.com/news-releases/blakehurst-provides-notice-of-data-security-incident-301696370.html
  3. https://www.hipaajournal.com/data-breaches-reported-by-carefirst-administrators-legacy-health-blakehurst/
  4. https://www.turkestrauss.com/2022/12/13/blakehurst-data-breach-investigation/
  5. https://www.hipaaguidelines101.com/data-breaches-at-carefirst-administrators-blakehurst-and-legacy-health/
  6. https://www.doj.nh.gov/consumer/security-breaches/documents/blakehurst-20221207.pdf
  7. https://www.mass.gov/doc/assigned-data-breach-number-28728-blakehurst/download
  8. https://healthitsecurity.com/news/ca-hospital-notifies-patients-of-healthcare-data-breach
Breach Submission Date Dec 06, 2022
Converted Entity Name Blakehurst
Converted Entity Type Healthcare Provider
State MD
Individuals Affected 1,047
Breach Type Hacking/IT Incident

Breach Information Location Email

Business Associate Present Yes