BrightStar Care Announces Data Breach After Employee Email Account Hacked | Console and Associates, PC

On October 28, 2024, BrightStar Care (“BrightStar”) filed a data breach complaint with the Massachusetts Attorney General after discovering unauthorized access to an employee’s email account. In this notice, BrightStar explains that as a result of the incident, an unauthorized party was able to access confidential consumer information. After the investigation was completed, BrightStar began sending data breach notification letters to all individuals whose information was affected by the recent data security incident.

If you’ve received a data breach notification from BrightStar Care, it’s important to understand what’s at stake and what you can do about it. A data breach attorney can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft, and discuss your legal options after a BrightStar Care data breach. To learn more, check out our recent piece on this topic here.

What caused the BrightStar Care data breach?

The BrightStar Care data breach was only recently announced, and more information is expected in the near future. However, BrightStar’s filing with the Massachusetts Attorney General provides important information about what led to the breach. According to this source, BrightStar recently detected suspicious activity on an employee’s email account. In response, BrightStar reset the account’s password and then worked with third-party cybersecurity experts to investigate the incident.

During this investigation, BrightStar confirmed that an unauthorized party had access to the infected email account between May 15, 2024 and May 16, 2024. It was later determined that the email account contained sensitive consumer information in various emails and attachments.

After learning that sensitive consumer data had been accessed by an unauthorized party, BrightStar Care reviewed the compromised files to determine what information was leaked and which consumers were affected. BrightStar completed this review process on August 29, 2024.

On October 28, 2024, BrightStar Care sent personalized data breach letters to all those affected by the recent data security incident. While the public data breach letter from BrightStar Care does not mention what types of data were breached, the personalized letters that BrightStar recently sent out should provide victims with a list of what information belonging to them was breached.

More information about BrightStar Care

Founded in 2002, BrightStar Care is a national home care and personal care franchise located in Herne, IL. BrightStar provides a variety of care options based on need, including home care, skilled nursing, hospice care, memory care and medical staff. The company operates more than 390 locations throughout the United States. BrightStar Care employs more than 16,030 people and generates approximately $2.2 billion in annual revenue.