Cyber Incident Victim: American Baptist Homes of the Midwest

Date: Mar 2019

Location: United States of America

Summary

American Baptist Homes of the Midwest experienced a ransomware attack where an unauthorized party encrypted files on their systems, potentially exposing names, addresses, Social Security numbers, medical details, and financial information across multiple senior living facilities in several states. The organization swiftly contained the incident, restored systems without ransom payment, and implemented enhanced security measures including forensic analysis, strengthened password policies, and continuous monitoring. While sensitive data was accessible during the breach, no evidence indicated actual retrieval or misuse of resident information. Law enforcement and federal health authorities were notified of the event.

Description

On or about March 10, 2019, American Baptist Homes of the Midwest (ABHM) experienced a ransomware attack that encrypted organizational records, rendering them inaccessible. The unauthorized actors gained access to ABHM’s computer systems and deployed malware designed to extort payment. ABHM detected the encryption activity shortly after it occurred on March 10 and halted the incident within hours, securing compromised accounts. The attack did not affect clinical or billing systems but targeted company email servers and general file storage infrastructure. Data potentially exposed included resident and patient names, addresses, Social Security numbers, medical details such as diagnoses, lab results, and medications, alongside financial information. Impacted facilities spanned eight senior living locations across Minnesota, Wisconsin, Iowa, Colorado, Nebraska, and South Dakota, including Thorne Crest Senior Living in Albert Lea, Tudor Oaks in Muskego, and Mountain Vista in Wheat Ridge. ABHM confirmed no evidence of data exfiltration or misuse but issued notifications as a precautionary measure due to the sensitivity of accessible records.

ABHM engaged a digital forensics firm to purge malware remnants and restore systems from backups following containment. Organizational responses included a third-party security risk assessment, strengthened password policies, automated session termination after repeated failed access attempts, and implementation of continuous monitoring systems. The entity reported the incident to law enforcement and the U.S. Department of Health and Human Services Office for Civil Rights but did not provide credit monitoring services to affected individuals. Recovery operations concluded rapidly, with full system control reestablished during the initial response window. No ransom payment details or explicit attacker attribution were disclosed in public communications.
