HCF Management Data Breach Compromises Personal Data of Long-Term Care Residents

Jan 24, 2025 | KLF Blog

More than 57,000 residents of long-term care facilities operated by HCF Management Inc. (“HCF” or “HCF Management”) were notified that their data was stolen in a hacking incident, according to Hippajournal.com.

HCF Management, a company which manages long-term care facilities in Ohio and Pennsylvania, detected a cyberattack on October 3, 2024, and on November 19, 2024, “HCF Management confirmed that the hacker had exfiltrated files containing residents’ information.”

Data Compromised by the HCF Management Data Breach

According to Hippajournal.com, the personal data compromised as a result of the cyberattack may have included:

  • Names
  • Addresses
  • Phone numbers
  • Dates of birth
  • Social Security numbers
  • Medical treatment information
  • Health insurance details

HCF Management Long-Term Care Facilities Impacted by the Data Breach

A review of U.S. Department of Health and Human Services (“HHS”), Office for Civil Rights (“OCR”), breach report data reflects that 57,927 long-term care residents in 31 care facilities in Ohio and Pennsylvania have been affected, as follows:

Facility Name

 State Industry Records Affected Incident Date
HCF of Washington Inc. (“Court House Manor”) OH Healthcare Provider 2,489 01/09/2025
HCF of Warren Inc. (“Warren Manor”) PA Healthcare Provider 2,709 01/09/2025
HCF of Wapakoneta Inc. (“Wapakoneta Manor”) OH Healthcare Provider 1,862 01/09/2025
HCF of Van Wert Inc. (“Van Wert Manor”) OH Healthcare Provider 1,604 01/09/2025
HCF of Sweden Valley Inc. (“Sweden Valley Manor”) PA Healthcare Provider 1,768 01/09/2025
HCF of Shawnee Inc. (“Shawnee Manor”) OH Healthcare Provider 4,395 01/09/2025
HCF of Roselawn Inc. (“Roselawn Manor”) OH Healthcare Provider 1,208 01/09/2025
HCF of Piqua Inc. (“Piqua Manor”) OH Healthcare Provider 2,969 01/09/2025
HCF of Perrysburg Inc. (“Manor at Perrysburg”) OH Healthcare Provider 2,704 01/09/2025
HCF of Hempfield Inc. (“Hempfield Manor”) PA Healthcare Provider 4,744 01/09/2025
HCF of Garbry Ridge (“Garbry Ridge”) OH Healthcare Provider 512 01/09/2025
HCF of Fox Run Inc. (“The Manor at Greendale”) OH Healthcare Provider 2,333 01/09/2025
HCF of Fostoria Inc. (“St. Catherine’s Manor”) OH Healthcare Provider 1,253 01/09/2025
HCF of Findlay Inc. (“Fox Run Manor”) OH Healthcare Provider 3,986 01/09/2025
HCF of Fairview Inc. (“Fairview Manor”) PA Healthcare Provider 2,935 01/09/2025
HCF of Edinboro Inc. (“Edinboro Manor”) PA Healthcare Provider 2,844 01/09/2025
HCF of Crestview Inc. (“Village at the Greene”) OH Healthcare Provider 1,944 01/09/2025
HCF of Court House Inc. (“St. Catherine’s Manor”) OH Healthcare Provider 3,012 01/09/2025
HCF of Corry Inc. (“Corry Manor”) PA Healthcare Provider 2,620 01/09/2025
HCF of Celina Inc. (“Celina Manor”) OH Healthcare Provider 2,321 01/09/2025
HCF of Briarwood Inc. (“Briarwood Village”) OH Healthcare Provider 2,650 01/09/2025
HCF of Bradford Inc. (“Bradford Manor”) PA Healthcare Provider 1,565 01/09/2025
HCF of Bowling Green, Inc. (“Bowling Green Manor”) OH Healthcare Provider 3,500 01/09/2025

DataBreaches.net reported that “. . . of the 25 locations/facilities HCF lists on its website, only two do not have listings on HHS’s public breach tool: Burton’s Ridge and The Ridge of Lancaster. Whether they each had less than 500 patients affected or reports just have not shown up yet is unknown to DataBreaches, but for the 23 facilities that submitted reports to HHS, a total of 57,927 patients were affected.”

HCF Management’s Heritage Health Care Data Breach – 12,162 Individuals Affected 

According to DataBreaches.net, “[i]n addition to the 23 specific locations, Heritage Health Care, which is HCF Management’s home healthcare service for in-home care in Pennsylvania and Ohio, reported that 12,162 patients were affected, bringing the total number of patients for the incident to 70,089.”

HHS, OCR, breach data also reflects Heritage Health Care was the victim of a hacking/IT incident which affected 12,162 individuals.

Did You Receive a Notice About the HCF Management or Heritage Health Care Data Breach? 

If you’ve received notice of either data breach and have questions—or if you’ve experienced fraud, identity theft, or other harm as a result—Kehoe Law Firm, P.C. is here to help you understand your rights and explore your legal options.

Send us a message for more information or if you would like a free, no-obligation legal evaluation, please contact:

Kehoe Law Firm’s class action legal services are provided on a contingency-fee basis, meaning you are not responsible for any fees or litigation expenses.

 

 

SEND US A MESSAGE

Contact Us

ADDRESS

Kehoe Law Firm, P.C.
2001 Market Street
Suite 2500
Philadelphia, PA 19103

PHONE

Tel: 215-792-6676

EMAIL

[email protected]

Universal Lenders Data Breach – 19,575 Individuals Affected

Jan 24, 2025 | KLF Blog

Universal Lenders, LLC (“Universal Lenders”) filed a data breach notification with the Office of the Maine Attorney General regarding a breach that may have affected the personal information of 19,575 individuals. The breach occurred on November 7, 2024, and on January 14, 2025, Universal Lenders discovered that some personal information may have been compromised.

What Personal Information Was Compromised?

The data breach notification did not specify the exact types of personal information affected by the data breach. However, breaches of this nature can involve sensitive data such as names, addresses, Social Security numbers, financial information, and more.

Did You Receive A Data Breach Notice from Universal Lenders?

If you are among the 19,575 individuals impacted by this data breach, it is important to monitor your accounts for any signs of fraudulent activity. Additionally, we recommend taking steps to protect your identity, such as placing a fraud alert or credit freeze on your accounts.

Contact Us for a Free Legal Evaluation

If you have any questions about the Universal Lenders data breach or have experienced fraud, identity theft, or other harm as a result, Kehoe Law Firm, P.C. is here to help you understand your rights and explore your legal options.

Please send us a message or contact Michael Yarnoff, Esq., (215) 792-6676, Ext. 804, [email protected], [email protected], for a free, no-obligation evaluation of potential legal claims.

Kehoe Law Firm’s class action legal services are provided on a contingency-fee basis, meaning you are not responsible for any fees or litigation expenses.

 

SEND US A MESSAGE

Contact Us

ADDRESS

Kehoe Law Firm, P.C.
2001 Market Street
Suite 2500
Philadelphia, PA 19103

PHONE

Tel: 215-792-6676

EMAIL

[email protected]

Scam Alert: Beware of “QR Code” on Unexpected Packages

Jan 24, 2025 | Archive, KLF Blog

Scam Alert: QR Code on an Unexpected Package //

Imagine receiving an unexpected package addressed to you. Inside, there’s a note claiming it’s a gift, but it doesn’t mention who sent it. Instead, it asks you to scan a QR code to find out more or to get return instructions. While this might seem intriguing, it could be a tactic to steal your personal information.

If you’re confident it’s a genuine gift, you can keep it. However, be aware that such scenarios could involve a new variation of a brushing scam.

The Risks of Scanning Unknown QR Codes

Scanning the QR code might redirect you to a phishing website designed to harvest your sensitive information, such as usernames, passwords, or credit card details. Worse, it could install malware on your device, providing hackers with unauthorized access.

Steps to Take If You Scanned the QR Code

If you mistakenly scanned the QR code and provided your credentials, act quickly:

Monitoring and Safeguarding Against Identity Theft

If you suspect misuse of your personal information, follow these steps:

  1. Obtain your free credit report from AnnualCreditReport.com and review it for unfamiliar accounts or activities. Free weekly reports are available.
  2. Check your bank and credit card statements for unauthorized transactions.
  3. Consider additional measures to protect your identity, such as freezing your credit or placing a fraud alert on your report.

What to Do If Your Identity Is Compromised

If identity theft occurs, report the incident and create a recovery plan at IdentityTheft.gov.

Proactive Tips for Staying Secure

What About the Package?

By law, you are generally allowed to keep unordered packages as gifts. Learn more about your rights when you get unordered merchandise here.

Source: Consumer.ftc.gov

 

 

SEND US A MESSAGE

Contact Us

ADDRESS

Kehoe Law Firm, P.C.
2001 Market Street
Suite 2500
Philadelphia, PA 19103

PHONE

Tel: 215-792-6676

EMAIL

[email protected]

Harvard Pilgrim Health Care Data Breach

Jan 23, 2025 | KLF Blog

Harvard Pilgrim Health Care (“Harvard Pilgrim”) filed a data breach notice with the Office of the Vermont Attorney General regarding a cybersecurity incident which may have compromised personal and/or protected health information. The breach occurred between March 28, 2023, and April 17, 2023, and involved the unauthorized copying of sensitive data from Harvard Pilgrim’s systems.

On April 17, 2023, Harvard Pilgrim, according to the data breach notice, discovered it was the target of a ransomware attack affecting systems used to service members, accounts, brokers, and providers. On December 30, 2024, Harvard Pilgrim determined that sensitive files containing personal and health information were accessed and copied during the breach.

The information potentially exposed includes:

Personal Information: Name, physical address, and date of birth.

Health Insurance Information: Health insurance account details.

Clinical Information: Diagnoses, treatment details, dates of service, and provider names.

Have You Been Impacted by the Harvard Pilgrim Health Care Data Breach?

If you have questions about the data breach or have experienced fraud, identity theft, or other harm as a result, please reach out to us. Kehoe Law Firm, P.C. is here to help you understand your rights and explore potential legal claims.

Alternatively, please contact Michael Yarnoff, Esq., (215) 792-6676, Ext. 804, [email protected], [email protected], for a free, no-obligation evaluation of your legal options.

Kehoe Law Firm’s class action legal services are provided on a contingency-fee basis, meaning you are not responsible for any fees or litigation expenses.

SEND US A MESSAGE

Contact Us

ADDRESS

Kehoe Law Firm, P.C.
2001 Market Street
Suite 2500
Philadelphia, PA 19103

PHONE

Tel: 215-792-6676

EMAIL

[email protected]

E&M Insurance Data Breach

Jan 23, 2025 | KLF Blog

E&M Insurance LLC filed a data breach notice with the Office of the Vermont Attorney General regarding a “network security incident impacting [its] corporate email environment.” 

E&M Insurance’s data breach notice stated that “[o]n December 17, 2024, [the company] discovered that between February 8, 2024 and February 20, 2024, certain emails containing personal information were stored in an impacted account and may have been subject to unauthorized access or acquisition.”

Have You Been Impacted by the E&M Insurance Data Breach?

If you have questions about the data breach or have experienced fraud, identity theft, or other harm as a result, please reach out to us. Kehoe Law Firm, P.C. is here to help you understand your rights and explore potential legal claims.

Alternatively, please contact Michael Yarnoff, Esq., (215) 792-6676, Ext. 804, [email protected], [email protected], for a free, no-obligation evaluation of your legal options.

Our class action legal services are provided on a contingency-fee basis, meaning you are not responsible for any fees or litigation expenses. 

SEND US A MESSAGE

Contact Us

ADDRESS

Kehoe Law Firm, P.C.
2001 Market Street
Suite 2500
Philadelphia, PA 19103

PHONE

Tel: 215-792-6676

EMAIL

[email protected]