CRG Lynwood, LLC, which operates Lynwood Manor, recently issued notification letters to 6,566 individuals whose data was compromised in a cyberattack first detected on July 12, 2021. The breach initially appeared to involve a business associate providing administrative services, but the investigation concluded that Lynwood Manor’s data was not involved. However, it was later revealed in September 2022 that residents’ data had been accessed.
Following this revelation, Lynwood Manor published a substitute breach notice on its website in November 2022. The data mining process, which was complex and involved both automated and manual reviews, took until January 31, 2024, to complete. On February 1, 2024, Lynwood Manor engaged a third-party vendor to assist with the notification process.
The notification letters were sent to affected individuals on June 7, 2024. The compromised data included names, medical information, driver’s license numbers, and other identification details. Despite the breach, Lynwood Manor reported that there is no known misuse of the data.
As a precaution, Lynwood Manor is offering 12 months of complimentary credit monitoring and identity theft protection services to those affected. The organization has also implemented additional monitoring tools and continues to enhance the security of its systems to prevent future incidents.
Reference:
