
Cyber Incident Victim: Allaire Healthcare Group

Date: Nov 2021

Location: United States of America

Summary

Allaire Healthcare Group experienced unauthorized access to an employee email account, compromising protected health information of 13,148 individuals. The intrusion was confined to a single account, exposing names, Social Security numbers, financial details, medical histories, treatment information, and insurance data, though forensic analysis found no evidence of data exfiltration or subsequent misuse. The organization secured the account promptly after detecting suspicious activity and confirmed the scope through a comprehensive review.


Description

On November 24, 2021, Allaire Healthcare Group detected suspicious activity in an employee’s email account at its Freehold, NJ-based residential healthcare facilities. The organization immediately secured the compromised account and its email system to prevent further unauthorized access. A forensic investigation determined the breach was confined to a single email account accessed by an unauthorized individual between November 10 and November 24, 2021. The timeframe indicated the threat actor maintained persistent access for two weeks before detection. Allaire operates five facilities providing subacute care, dementia care, and respite care across the tri-state area; the breach was confined to the targeted email account and did not directly compromise clinical systems.


The organization completed a programmatic and manual review of the affected email account on March 18, 2022, confirming exposure of protected health information for 13,148 individuals. Compromised data included first and last names, Social Security numbers, Allaire-issued unique client identifiers, driver’s license numbers, passport numbers, financial account details, payment card information, medical histories, treatment/diagnosis records, prescription data, and health insurance information. Investigators found no evidence that the unauthorized actor viewed or downloaded the exposed data, and no instances of actual or attempted misuse were reported following the incident. The breach notification did not specify whether multi-factor authentication was enabled on the compromised account or detail the exact method of initial compromise. Allaire’s response focused on securing the account, conducting forensic analysis, and reviewing the scope of impacted data over a four-month investigation period.
