What happened in the Mystic Valley Elder Services (MVES) data breach?

Mystic Valley Elder Services, a nonprofit organization in Massachusetts, experienced a data breach when an unauthorized party accessed its computer network. The breach was detected on April 5, 2024, and was promptly contained. Law enforcement was notified, and an investigation was initiated with external cybersecurity experts.

What information was exposed in the Mystic Valley Elder Services data breach?

The exposed personal information includes names, dates of birth, passport numbers, financial account numbers, payment card numbers, online credentials, Social Security numbers, driver’s license numbers, health insurance information, and medical information.

How did Mystic Valley Elder Services respond to the data breach?

Upon detecting the breach, Mystic Valley Elder Services contained the incident, notified law enforcement, and launched an investigation with the help of external cybersecurity experts. Notification letters were sent to affected individuals on October 22, 2024, providing details about the compromised information.

Has the number of affected individuals been disclosed by Mystic Valley Elder Services?

No, Mystic Valley Elder Services has not disclosed the total number of individuals affected by the breach.

What should affected individuals do following the Mystic Valley Elder Services data breach?

Affected individuals should review the information provided in the notification letter, monitor their financial accounts for any suspicious activity, consider placing fraud alerts on their credit reports, and update their online credentials to enhance security.

Incident

Mystic Valley Elder Services reports data breach

published: Oct. 28, 2024

Learn More

Mystic Valley Elder Services (MVES) reports a data breach after an unauthorized party had its computer network. Mystic Valley Elder Services is a nonprofit organization in Massachusetts that provides a range of home and community-based services to older adults, adults with disabilities, and caregivers, supporting independent living across 11 cities and towns in the Mystic Valley region

The breach, first detected on April 5, 2024. After detecting the breach, MVES contained it, informed law enforcement, and initiated an investigation with the assistance of external cybersecurity experts.

The investigation confirmed that confidential data had been accessed on April 5, 2024. The exposed personal information includes:

Names
Dates of birth
Passport numbers
Financial account numbers
Payment card numbers
Online credentials
Social Security numbers
Driver’s license numbers
Health insurance information
Medical information

The organization has not disclosed the cause of the breach, and the number of affected individuals.

Update - as of 1st of November 2024, media reports that the Mystic Valley Elder Services cyberattack compromised the information of nearly 87,000 individuals.

Notification letters were sent to the impacted individuals on October 22, 2024, detailing the specific information that was compromised.

Mystic Valley Elder Services reports data breach

Read More
Stryker Corporation reports data breach
Berkshire Health Systems reports data breach, unauthorized employee …
Mt. Baker Imaging and Northwest Radiologists report data …
Dentistry.One reports data breach exposing patient information
Spokane Regional Health District reports data breach, potentially …