Data Privacy Incident
On April 5, 2024, Mystic Valley Elder Services (“MVES”) discovered that a third party gained access to certain MVES systems. Upon identifying the issue, MVES promptly initiated an internal investigation, took steps to contain the incident, and notified law enforcement. MVES also engaged a forensic cybersecurity firm to assist with the investigation and ensure the security of MVES computer systems and network.
The forensic investigation confirmed that the third party accessed MVES’ computer systems on April 5, 2024, and that certain files may have been acquired from MVES’ systems as part of the incident. MVES reviewed the files to determine if they contained any personal information. The file review concluded on July 11, 2024, and MVES found that the files contained personal information, including, depending on the individual: names, dates of birth, passport numbers, taxpayer identification numbers, financial account numbers, payment card numbers, online credentials, Social Security numbers, driver’s license numbers, health insurance information, and medical information.
To the extent it has current contact information, MVES is sending written notifications to individuals whose information may have been involved in the incident. MVES has also arranged for complimentary identity theft protection services for those individuals whose Social Security numbers and/or driver’s license numbers may be involved in the incident.
Individuals should refer to the notice they receive in the mail regarding steps they can take to protect themselves, should they feel the need to do so. As a precautionary measure, individuals should remain vigilant to protect against potential fraud and/or identity theft by, among other things, reviewing their account statements and monitoring credit reports closely. If individuals detect any suspicious activity on an account, they should promptly notify the financial institution or company with which the account is maintained. Individuals should also promptly report any fraudulent activity or any suspected incidents of identity theft to proper law enforcement authorities, including the police and their state’s attorney general.
Involved individuals may also wish to review the tips provided by the Federal Trade Commission (“FTC”) on fraud alerts, security/credit freezes and steps that they can take to avoid identity theft. For more information and to contact the FTC, please visit www.ftc.gov/idtheft or call 1-877-ID-THEFT (1-877-438-4338). Individuals may also contact the FTC at the following: Federal Trade Commission, 600 Pennsylvania Avenue, NW, Washington, DC 20580.
MVES is committed to maintaining the privacy and security of the information entrusted to us. MVES is taking additional steps to help reduce the likelihood of the occurrence of a similar event in the future, including enhancing technical security measures. For further information and assistance, please call (888) 449-8893 from 9:00 AM to 7:00 PM Eastern Time, Monday through Friday.
Join us in our mission!
Subscribe to our e-newsletter The Beacon to stay up-to-date on MVES programs and opportunities.