Data Breaches

Mystic Valley Elder Services Data Breach Impacts 87,000 People

Mystic Valley Elder Services detected a security breach in April and now says files containing personal information may have been stolen.

Mystic Valley Elder Services detected a security breach in April and now says files containing personal information may have been stolen.

Mystic Valley Elder Services, a Massachusetts-based non-profit that provides health and other services to the elderly and people with disabilities, has suffered a data breach impacting many individuals. 

The intrusion was detected by Mystic Valley Elder Services (MVES) in early April and an investigation was immediately launched. 

The investigation revealed a few months later that the attacker may have stolen files containing personal information, including name, date of birth, Social Security number, passport number, payment card and financial account number, online credentials, driver’s license number, health insurance information, and medical information.

Mystic Valley started notifying impacted individuals in June and has now revealed that tens of thousands of people are affected. 

The organization this week told the attorney general in Maine and the Department of Health and Human Services that approximately 87,000 individuals are impacted.

Cybercriminals often target healthcare organizations and these attacks can impact hundreds of thousands and even millions of people. 

Advertisement. Scroll to continue reading.

None of the known ransomware groups has taken credit for the attack on Mystic Valley Elder Services. That does not necessarily mean the organization was not targeted by a ransomware group. 

Related: Omni Family Health Data Breach Impacts 470,000 Individuals

Related: Italian Politicians Express Alarm at Latest Data Breach Allegedly Affecting 800,000 Citizens

Related: Landmark Admin Discloses Data Breach Impacting 800,000 People

Related: Electric Motor Giant Nidec Confirms Data Stolen in Ransomware Attack

Related Content

Data Breaches

Hackers exploited a zero-day vulnerability in a third-party system to access a KDDI email system for ISPs.

Data Breaches

Hackers accessed the institution’s internal network and deleted two drives containing employee, student, and university data.

Data Breaches

The professional services giant says it contained the incident, remediated its source, and experienced no operational or service delivery impact.

Cybercrime

In April, ShinyHunters accessed the company’s corporate IT systems and stole patients’ personal and medical information.

Data Breaches

Hackers accessed the insurance giant’s policyholder portal multiple times between June 15 and June 25.

Data Breaches

Only a handful of the 100 organizations targeted in the PeopleSoft campaign have been confirmed.

Data Breaches

The ShinyHunters extortion group claims to have stolen 3.1 TB of data from the organization.

Data Breaches

Roughly two dozen companies have notified their customers of the Klue-Salesforce incident impact.

Copyright © 2026 SecurityWeek ®, a Wired Business Media Publication. All Rights Reserved.

Exit mobile version