Cyber Incident Victim: Majestic Care
Date: Dec 2022
Location: United States of America
Summary
A cybersecurity incident at Majestic Care exposed sensitive information of current and former residents and staff following unauthorized network access by hackers over several days. The compromised data included names, addresses, Social Security numbers, birthdates, phone numbers, driver’s license details, and protected health information. The company contained the breach, engaged forensic investigators, and confirmed data exfiltration before notifying affected individuals. Majestic Care, operating skilled nursing facilities across three states, provides rehabilitation and long-term care services.
Description
On December 13, 2022, Majestic Care detected a disruption in its computer systems, prompting an investigation into a potential security incident. The company immediately secured its systems and engaged a third-party forensics firm to determine the nature and scope of the breach. Forensic analysis confirmed that an unauthorized actor first accessed Majestic Care’s network on December 9, 2022, maintaining persistent access until the company fully restored its systems on December 16, 2022. During this seven-day period, the attacker compromised files containing sensitive personal and health information belonging to current and former residents and staff members across Majestic Care’s 30 skilled nursing facilities in Indiana, Ohio, and Michigan. The exposed data included first and last names, mailing addresses, Social Security numbers, dates of birth, telephone numbers, driver’s license numbers, and protected health information.

Following the investigation, Majestic Care conducted a review of the affected files to identify impacted individuals and the specific data elements involved in each case. On March 28, 2023, the company filed a formal notice of the breach with the Montana Attorney General’s office and began mailing data breach notification letters to all affected parties. The breach impacted an undisclosed number of individuals across the organization’s 1,200-person workforce and patient population, though the company did not publicly specify the total number of compromised records. Majestic Care’s public disclosure emphasized the operational restoration of systems by December 16 but did not detail technical specifics regarding the attack vector, malware used, or whether ransomware was involved. The incident exposed vulnerabilities in the healthcare provider’s data security infrastructure, potentially affecting individuals who had received services ranging from short-term rehabilitation to hospice care across its Midwest facilities.
