Cyber Incident Victim: Directions for Living

On July 5, 2021, Directions for Living (DFL), a Florida-based healthcare entity, experienced a ransomware attack that compromised its systems. The organization discovered the intrusion on July 17, 2021, following a 12-day period of unauthorized access. Forensic investigation determined attackers exploited a firewall vulnerability to gain entry, encrypting portions of DFL's infrastructure. The breach exposed protected health information (PHI) belonging to 19,494 patients, though the organization confirmed its electronic health record system remained untouched throughout the incident. Compromised data fields included patients' full names, residential addresses, dates of birth, Social Security numbers, diagnostic billing codes, insurance details, provider names, service dates, and unspecified additional health information. DFL's external legal counsel formally documented these findings in breach notifications submitted to regulatory authorities.

DFL initiated patient notifications through mailed letters following the forensic review, disclosing the scope of impacted data categories while emphasizing no evidence of data misuse had been detected. The organization offered single-bureau credit monitoring services to affected individuals, as documented in submissions to the Maine Attorney General's Office dated September 15, 2021. This mitigation offering was not referenced in DFL's parallel public notification published on its corporate website. Operational disruptions occurred during the incident response period, though specific details regarding system downtime or service interruptions were not quantified in available disclosures. The attack vector identification as a firewall vulnerability represented the primary technical finding communicated to regulators and patients regarding the breach's origin.