Classic Residence Management Limited Partnership

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

Classic Residence Management Limited Partnership, doing business as Vi Living, experienced a data breach that was first discovered on March 13, 2023, when an unauthorized party gained access to the company’s corporate office network and data server. The breach resulted in the potential exposure of sensitive consumer information, including names and Social Security numbers. Vi Living completed its investigation into the compromised files on July 25, 2023, and began sending out data breach notification letters to the affected individuals on September 29, 2023[1].

Vi Living is a company that develops and operates Continuing Care Retirement Communities and is based in Chicago, Illinois. The company operates 10 senior living communities, employs more than 2,900 people, and generates approximately $425 million in annual revenue[1].

The data breach affected over 61,000 residents, and Vi Living has taken steps to prevent a similar incident in the future by enhancing its technical security measures. The company also offered complimentary credit monitoring services to the affected individuals and provided information on how to protect themselves against potential fraud or identity theft[1].

The breach was reported to the Attorney General of Maine, and the total number of persons affected was 61,425, with 2 residents from Maine. Vi Living reported the breach as an external system breach (hacking) and provided 12 months of credit monitoring and identity theft protection services through Experian[12].

Law firm Wolf Haldenstein Adler Freeman & Herz LLP issued a data breach alert and is investigating claims on behalf of patients of Vi Senior Living whose information may have been stolen and potentially posted on the dark web as part of the hack[4].

The breach is part of a larger trend of cyberattacks and data breaches affecting various organizations, including healthcare entities, which have been warned to be at risk for such attacks[13]. The Federal Communications Commission (FCC) has also recently required carriers to notify customers of breaches of covered data without unreasonable delay and in no case more than 30 days following a reasonable determination of a breach[15].

Citations:

  1. https://www.jdsupra.com/legalnews/vi-living-confirms-recent-data-breach-4536044/
  2. https://apps.web.maine.gov/online/aeviewer/ME/40/list.shtml
  3. https://law.justia.com/cases/illinois/court-of-appeals-first-appellate-district/2021/1-19-1858.html
  4. https://www.marketwatch.com/press-release/classic-residence-management-limited-partnership-d-b-a-vi-senior-living-data-breach-alert-issued-by-wolf-haldenstein-adler-freeman-herz-llp-5997d169
  5. https://dojmt.gov/consumer/databreach/
  6. https://www.viliving.com/-/media/viliving/home/locations/sc/hilton-head-tide-pointe/hipaa/tidepointe_hipaa.ashx
  7. https://www.viliving.com/terms-of-use
  8. https://www.hackmageddon.com/2023/11/28/16-30-september-2023-cyber-attacks-timeline/
  9. https://media.newswire.ca/forefrontmedianews.html?filter=20509&rkey=20240102PH02892
  10. https://www.doj.nh.gov/consumer/security-breaches/documents/classic-residence-management-limited-partnership-20230929.pdf
  11. https://www.theguardian.com/news/2021/oct/03/pandora-papers-biggest-ever-leak-of-offshore-data-exposes-financial-secrets-of-rich-and-powerful
  12. https://apps.web.maine.gov/online/aeviewer/ME/40/c8f41276-305c-40cd-951d-89138c9afbc1.shtml
  13. https://fox59.com/news/national-world/cyberattacks-on-hospitals-are-likely-to-increase-putting-lives-at-risk-experts-warn/
  14. https://www.myinjuryattorney.com/vi-living-data-breach-investigation/
  15. https://it.slashdot.org/story/24/02/12/2218230/fcc-requires-telcos-to-disclose-when-your-personal-info-is-stolen
  16. https://www.anylaw.com/case/antler-v-classic-residence-management-limited-partnership/appellate-court-of-illinois/06-29-2000/3q90S2YBTlTomsSBR538
  17. https://www.pashalaw.com/share-equity-interest-without-giving-up-control-pasha/
  18. https://www.doj.nh.gov/consumer/security-breaches/c.htm
  19. https://www.ncoa.org/article/top-5-financial-scams-targeting-older-adults
Breach Submission Date Jun 02, 2023
Converted Entity Name Classic Residence Management Limited Partnership
Converted Entity Type Healthcare Provider
State IL
Individuals Affected 12,405
Breach Type Hacking/IT Incident

Breach Information Location Network Server

Business Associate Present Yes