Graceworks Lutheran Services

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

Graceworks Lutheran Services, a social services organization based in Dayton, Ohio, experienced a significant data breach that was discovered on February 18, 2023. This breach potentially exposed sensitive personal identifiable information and protected health information of over 6,700 individuals. The organization, which was founded in 1926, offers a variety of services including residential lifestyle and programming resources for seniors and adults with developmental disabilities. It operates over 50 locations across southwest Ohio, southeast Indiana, and Northern Kentucky, including Bethany Village, a large retirement community[1][4].

The data breach involved unauthorized access to the organization’s systems, leading to the potential exposure of various types of personal information. This included names, Social Security numbers, addresses, dates of birth, medical diagnosis and treatment information, health insurance information, and prescription information. In response to the breach, Graceworks Lutheran Services began contacting affected individuals on April 17, 2023, to inform them of the incident and the steps they could take to protect their personal information[1].

To address the breach, Graceworks Lutheran Services immediately launched an investigation and implemented additional security measures to enhance its data security. Despite the breach, there was no evidence to indicate that any of the accessed information had been misused[4].

This incident underscores the ongoing challenges organizations face in protecting sensitive personal and health information from unauthorized access and potential data breaches. It also highlights the importance of robust data security measures and prompt response strategies to mitigate the impact of such incidents on affected individuals[1][4].

Citations:

  1. https://www.turkestrauss.com/2023/05/02/graceworks-lutheran-services-data-breach-investigation/
  2. https://www.daytondailynews.com/business/bethany-village-complies-with-osha-after-worker-deadly-fall/tXSXRWxRO0E1yzs4drwFQL/
  3. https://www.sans.org/newsletters/newsbites/xxv-35/
  4. https://healthitsecurity.com/news/latest-reported-data-breaches-impact-variety-of-healthcare-orgs
  5. https://bethanylutheranvillage.org/news/how-to-protect-yourself-online-with-strong-passwords/
  6. https://www.fairfieldtwp.org/media/meetings-and-minutes/19-128-757.pdf
  7. https://www.daytondailynews.com/news/local/osha-hazards-found-centerville-nursing-home-where-worker-fell-death/WWeetMlQuSWDx80UC00fbK/
  8. https://www.eeoc.gov/newsroom/search?page=84
  9. https://graceworks.org
  10. https://www.daytondailynews.com/news/local/services-set-for-worker-killed-bethany-village-osha-probe-ongoing/ZmxyfRYtASQPaTAX3G7vvJ/
  11. https://www.hipaajournal.com/up-to-184000-clients-of-lutheran-social-services-of-illinois-impacted-by-ransomware-attack/
  12. https://trellis.law/doc/199419250/motion-intervene-filed-by-graceworks-lutheran-services-dba-bethany-lutheran-village-filed-by-jessica-e-salisbury-copper
Breach Submission Date Apr 19, 2023
Converted Entity Name Graceworks Lutheran Services
Converted Entity Type Healthcare Provider
State OH
Individuals Affected 6,737
Breach Type Hacking/IT Incident

Breach Information Location Network Server

Business Associate Present Yes