Mystic Valley Elder Services is a non-profit organization located in Massachusetts that provides care to adults over the age of 60.
They serve more than 11 communities in the Boston area and offer a range of services from home care to technology access for seniors.
The majority of funding for the organization comes from federal, state, and local governments.
In 2024, Mystic Valley detected suspicious activity on its computer network, including a data breach.
The organization discovered that cyber criminals had gained access to its computer network and data files.
Through the cyber-attack, the hackers accessed personal data on more than 87,000 individuals.
The data included names, social security numbers, DOBs, and medical data, along with health insurance, payment info, and passports information.
This is data that can be sold on the dark web and used to carry out identity theft.
It’s no secret that senior facilities and healthcare in general are common targets of hackers.
In 2024, 92% of healthcare providers reported experiencing a cyber-attack…
In fact, there were an eye-popping 2,500 attacks per week.
The point is that senior service providers like Mystic Valley are a common target for hackers.
Here are a few reasons why:
A lot of data:
Organizations that provide senior services collect a lot of valuable personal and medical data.
This includes information such as health records, Medicare numbers, insurance details, and banking information.
All the personal information about a person a thief could want is held by these companies.
The reality is that not only can this data be used for identity theft, but it can also be used to carry out insurance fraud.
Weak security:
Mystic Valley Elder Services is a non-profit organization and there are many other organizations just like it.
The thing is that these are non-profits that depend on government funds.
These organizations depend on government funds, operate on limited budgets and often use outdated systems.
They might lack an on-site IT department and most likely don’t have a cybersecurity staff.
Plus, these companies don’t make cybersecurity training a priority for all their employees.
These organizations are easy targets since they don’t have the same level of security that a big hospital has in place.
In other words, people who live in senior facilities need to make their security a priority themselves. This means keeping all devices and software updated.
Senior living facilities usually don’t do enough for cybersecurity. So the people who live in these places need to do it themselves.
Putting lives at risk:
One of the reasons that hackers target senior living facilities is that they know that disrupting operations could endanger lives.
The hackers understand that these organizations are likely to pay a ransom to protect the lives of their customers and restore services.
If you or a loved one is moving into a senior living facility you should ask them how they handle data breaches.
Find out if they have a response plan in place and if they will notify the family of the victims of the cyber-attack.
You can even ask if they have a third-party security audit, and if they follow HIPAA reporting guidelines.
If you or a loved one is the victim of a cyber breach, you want the organization to tell you as soon as possible so you can take extra security measures.
Protecting seniors who live in these facilities requires both security from the organization as well as reminding seniors of ways to avoid falling victim.
To avoid personally falling victim to these attacks, you should remember to always use anti-virus software, a VPN, and strong passwords.
