Mystic Valley Elder Services Provides Notice of Recent Data Breach Affecting 87,236 | Console and Associates, PC

On October 22, 2024, Mystic Valley Elder Services (“MVES”) filed a data breach notification with the Maine Attorney General after discovering that an unauthorized third party had accessed the company’s computer network. In this notice, MVES explains that as a result of the incident, an unauthorized party was able to access sensitive consumer information, which includes their names, dates of birth, passport numbers, financial account numbers, payment card numbers, online registration data, social security numbers, driver’s license numbers rights, health insurance information and medical information. After the investigation was completed, MVES began sending data breach letters to all individuals whose information was affected by the recent data security incident.

If you’ve received a data breach notification from Mystic Valley Elder Services, it’s important to understand what’s at stake and what you can do about it. A data breach attorney can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft, and discuss your legal options after a data breach in Mystic Valley. To learn more, check out our recent piece on this topic here.

What caused the Mystic Valley data leak?

The Mystic Valley data leak was only recently announced, and more information is expected in the near future. However, MVES’ filing with the Maine Attorney General contains important information about what led to the breach. MVES also posted a message on its website discussing the incident and the company’s response.

According to these sources, on April 5, 2024, MVES became aware that an unauthorized person had gained access to its computer network. In response, MVES contained the incident, notified law enforcement, and then began working with external cybersecurity experts to investigate the incident.

Through this investigation, MVEC confirmed that on April 5, 2024, an unauthorized party was able to gain access to its systems, including files containing sensitive information belonging to certain individuals.

After learning that sensitive consumer data had been accessed by an unauthorized party, Mystic Valley reviewed the compromised files to determine what information was leaked and which consumers were affected. MVES completed this process on July 11, 2024, and while the leaked information depends on the individual, it may include your name, date of birth, passport number, financial account numbers, payment card numbers, online credentials, social security number, driver’s license number , health insurance information and medical information.

On October 22, 2024, Mystic Valley sent data breach letters to all those affected by the recent data security incident. These letters should provide victims with a list of what information belonging to them has been compromised.

More information about Mystic Valley Elder Services

Mystic Valley Elder Services, founded in 1975, is a company that provides various levels of care for adults 60 years of age and older. MVES is based in Malden, Massachusetts and serves more than 70,000 people a year in Chelsea, Everett, Malden, Medford, Melrose, North Reading, Revere, Stoneham, Wakefield and Winthrop. Mystic Valley employs more than 353 people and generates approximately $62 million in annual revenue.