Majestic Care Middletown Assisted Living LLC

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

In December 2022, Majestic Care Middletown Assisted Living LLC in Indiana experienced a significant data breach that potentially exposed sensitive information of its patients. This incident was unique to the Middletown site and did not affect the other 20-plus campuses operated by Majestic Care, an Indiana-based nursing home company. The breach occurred between December 13 and December 16, 2022, due to malicious software that disrupted access to Majestic Care’s information systems. A third-party forensics firm was engaged to investigate the breach and help securely restore the systems[1][3].

The compromised data potentially included patients’ Social Security numbers, medical records, payment methods, and other personal information such as first and last names, mailing addresses, dates of birth, telephone numbers, and driver’s license numbers[1][3][4]. Majestic Care began notifying those impacted after analyzing the files within their system to understand the extent of the information involved. Although there was no conclusive evidence that the intruder actually accessed or used any personal information, the breach has made the affected individuals susceptible to identity theft, financial fraud, and tax fraud[1][3][4].

Majestic Care has taken steps to monitor its information systems closely and implement further security measures recommended by the investigating forensics firm. They have also encouraged patients to review their account activities and be vigilant for fraudulent activities[1][3]. The breach affected 2,636 individuals who received services through Majestic Care Middletown Assisted Living LLC[6].

In response to the breach, Majestic Care has provided written notice to impacted individuals whose addresses were available. However, they were unable to confirm mailing addresses for some impacted individuals. To address concerns and provide assistance, Majestic Care has made contact information available for those seeking more information or help regarding the breach[3].

This incident underscores the importance of robust cybersecurity measures and the need for constant vigilance to protect sensitive personal and health information from unauthorized access and potential misuse.

Citations:

  1. https://www.journal-news.com/news/medical-social-security-information-compromised-in-middletown-nursing-home-data-breach/EQXFZXC6UFHYRGBRUJBKVE3OTU/
  2. https://dayton247now.com/news/local/area-nursing-homes-reopening-after-updated-visitation-status
  3. https://www.majesticcare.com/03282023-2/
  4. https://www.jdsupra.com/legalnews/majestic-care-files-notice-of-data-8668771/
  5. https://www.thelyonfirm.com/blog/majestic-care-data-breach-investigation/
  6. https://www.hipaajournal.com/hacking-incidents-reported-by-atlantic-general-and-lawrence-general-hospitals/
  7. https://projects.propublica.org/nursing-homes/homes/h-365209
  8. https://www.idstrong.com/sentinel/majestic-care-suffered-data-breach/
  9. https://www.yahoo.com/lifestyle/medical-social-security-information-compromised-011400919.html
Breach Submission Date Mar 17, 2023
Converted Entity Name Majestic Care Middletown Assisted Living LLC
Converted Entity Type Healthcare Provider
State IN
Individuals Affected 2,636
Breach Type Hacking/IT Incident

Breach Information Location Network Server

Business Associate Present Yes