ROCKVILLE, MD – January 19, 2018 – Westminster Ingleside King Farm Presbyterian Retirement Communities, Inc. (“Ingleside”) has become aware of a data security incident that may have involved the protected health information of our residents. Although at this time there is no evidence of any attempted or actual misuse of anyone’s information as a result of this incident, we have taken steps to notify all potentially impacted individuals, and to provide resources to assist them.
While data security breaches are becoming more commonplace around the world, Ingleside has been successful over the years in implementing multiple security mechanisms to safeguard our systems. Despite our focused efforts, on November 21, 2017, we discovered that we had been the target of a criminal malware attack. We immediately took action, launching a software program to assist in finding and removing the malware from our system. We also engaged independent computer forensics experts to determine how the incident occurred and if information had been accessed by an unauthorized third party. Although the investigation did not identify any evidence of access to your information, we unfortunately could not completely rule out the possibility that your personal information, including your name, address, date of birth, Social Security number, and protected health information may have been compromised because of this criminal activity. Your financial transactions including payment information were not involved in this incident.
We take the security of all potentially impacted individuals’ information very seriously, and want to assure you that we have taken steps to prevent a similar event from occurring in the future. This includes upgrading our firewall, antivirus and malware security, requiring all new user credentials/passwords, adopting dual-factor authentication, and providing additional staff training on identifying unauthorized access.
We mailed a letter to individuals potentially impacted by this event which includes steps they can take to monitor and protect their personal information. We have also established a toll-free call center to answer questions about the incident and related concerns. The call center is available Monday through Friday from 8:00 a.m. to 8:00 p.m., Eastern Time and can be reached at 833-214-8743. In addition, out of an abundance of caution, we are offering credit monitoring and identity theft restoration services through Kroll to potentially impacted individuals at no cost.
The privacy and protection of resident information is a top priority, and we deeply regret any inconvenience or concern this incident may cause. _____________________________________________________________________________
The following information is provided to help individuals wanting more information on steps they can take to protect themselves:
How do I obtain a copy of my credit report?
You can obtain a copy of your credit report, free of charge, directly from each of the three nationwide credit reporting agencies. To order your credit report, free of charge once every 12 months, please visit www.annualcreditreport.com or call toll free at 1-877-322-8228. Contact information for the three nationwide credit reporting agencies is included in the e-mail and letter, and is also listed at the bottom of this page.
How do I put a fraud alert on my account?
You may consider placing a fraud alert on your credit report. This fraud alert statement informs creditors to possible fraudulent activity within your report and requests that your creditor contact you prior to establishing any accounts in your name. To place a fraud alert on your credit report, contact Equifax, Experian or TransUnion and follow the Fraud Victims instructions. To place a fraud alert on your credit accounts, contact your financial institution or credit provider. Contact information for the three nationwide credit reporting agencies is included in the letter and is also listed at the bottom of this page.
Contact information for the three nationwide credit reporting agencies is as follows:
Equifax Security Freeze PO Box 105788 Atlanta, GA 30348 1-800-685-1111 www.equifax.com
Experian Security Freeze PO Box 9554
Allen, TX 75013 1-888-397-3742 www.experian.com
TransUnion (FVAD) PO Box 2000 Chester, PA 19022 1-800-888-4213 www.transunion.com
Source: Westminster Ingleside King Farm Presbyterian Retirement Communities
Note: The incident was reported to HHS as affecting 5,228 patients.