On or around February 5, 2025, The Gatesworth Communities detected suspicious network activity reported by a third-party IT vendor. An investigation confirmed unauthorized access between January 22 and January 26, 2025, resulting in a data breach affecting multiple facilities under its umbrella, including The Gatesworth, McKnight Place Extended Care, McKnight Place Assisted Living and Memory Care, and Parc Provence. The breach was traced to a cybercriminal compromising the third-party IT vendor’s systems, leading to potential exposure of sensitive personal and protected health information (PHI). The compromised data may include names, dates of birth, Social Security numbers, health insurance details, and payment information. The company began notifying affected individuals on August 26, 2025, and disclosed the incident to the Montana Attorney General. In response, The Gatesworth Communities strengthened security measures, changed passwords, engaged forensic experts, and notified the FBI. The breach poses significant risks, including identity theft, financial fraud, and phishing attacks targeting exposed individuals.
Source: https://www.claimdepot.com/data-breach/the-gatesworth-2025
TPRM report: https://www.rankiteo.com/company/thegatesworth
"id": "the526090325",
"linkid": "thegatesworth",
"type": "Breach",
"date": "1/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"{'affected_entities': [{'industry': 'Healthcare',
'name': 'The Gatesworth Communities',
'type': 'Senior Living and Healthcare Provider'},
{'industry': 'Healthcare',
'name': 'McKnight Place Extended Care',
'type': 'Senior Living Facility'},
{'industry': 'Healthcare',
'name': 'McKnight Place Assisted Living and Memory '
'Care',
'type': 'Senior Living Facility'},
{'industry': 'Healthcare',
'name': 'Parc Provence',
'type': 'Senior Living Facility'},
{'industry': 'Technology',
'name': 'Unnamed Third-Party IT Vendor',
'type': 'IT Service Provider'}],
'attack_vector': 'Compromised Third-Party IT Vendor Systems',
'customer_advisories': ['Review notices carefully',
'Monitor for identity theft or fraud',
'Consider credit freezes or fraud alerts'],
'data_breach': {'data_exfiltration': 'Likely (data accessed by unauthorized '
'actor)',
'personally_identifiable_information': ['Names',
'Dates of Birth',
'Social Security '
'Numbers',
'Health Insurance '
'Information',
'Payment Information'],
'sensitivity_of_data': 'High (includes SSNs, health '
'insurance, and payment data)',
'type_of_data_compromised': ['Personal Information (PII)',
'Protected Health Information '
'(PHI)']},
'date_detected': '2025-02-05',
'date_publicly_disclosed': '2025-08-26',
'description': 'On or around Feb. 5, 2025, The Gatesworth Communities '
'discovered suspicious network activity reported by a '
'third-party IT vendor. An investigation revealed unauthorized '
'access between Jan. 22 and Jan. 26, 2025, potentially '
'compromising personal and protected health information (PHI) '
'of individuals associated with The Gatesworth, McKnight Place '
'Extended Care, McKnight Place Assisted Living and Memory '
'Care, and Parc Provence. The breach was disclosed to affected '
'individuals and the Montana Attorney General on Aug. 26, '
'2025. The cybercriminal gained access by compromising the '
'third-party IT vendor’s systems.',
'impact': {'brand_reputation_impact': 'Potential reputational damage due to '
'exposure of sensitive personal and '
'health data',
'data_compromised': ['Names',
'Dates of Birth',
'Social Security Numbers',
'Health Insurance Information',
'Payment Information'],
'identity_theft_risk': 'High (due to exposure of SSNs, payment '
'info, and PHI)',
'legal_liabilities': 'Potential liability under data protection '
'regulations (e.g., HIPAA)',
'payment_information_risk': 'High'},
'initial_access_broker': {'entry_point': 'Third-Party IT Vendor Systems',
'high_value_targets': ['Personal Information (PII)',
'Protected Health '
'Information (PHI)']},
'investigation_status': 'Completed (as of July 16, 2025, when PHI exposure '
'was confirmed)',
'post_incident_analysis': {'corrective_actions': ['Password changes',
'Additional network '
'security measures',
'Engagement of forensic '
'experts for investigation'],
'root_causes': ['Compromise of third-party IT '
'vendor systems',
'Inadequate security controls at '
'vendor level (presumed)']},
'recommendations': ['Monitor credit reports and financial accounts for '
'unusual activity',
'Be alert for phishing attempts using exposed information',
'Consider placing a fraud alert or credit freeze with '
'major credit bureaus'],
'references': [{'source': 'The Gatesworth Communities - Notice of Data '
'Privacy Incident'},
{'source': 'Montana Attorney General Data Breach '
'Notification'}],
'regulatory_compliance': {'regulations_violated': ['Potential HIPAA '
'violations (PHI exposure)',
'State data breach '
'notification laws (e.g., '
'Montana)'],
'regulatory_notifications': ['Montana Attorney '
'General (notified '
'Aug. 26, 2025)']},
'response': {'communication_strategy': ['Notice of Data Privacy Incident '
'published on website (Aug. 26, 2025)',
'Direct notifications sent to '
'affected individuals (Aug. 26, 2025)',
'Disclosure to Montana Attorney '
'General (Aug. 26, 2025)'],
'containment_measures': ['Password changes implemented',
'Additional security measures deployed '
'across the network'],
'incident_response_plan_activated': True,
'law_enforcement_notified': 'FBI notified',
'third_party_assistance': 'Engaged outside computer forensic '
'experts'},
'stakeholder_advisories': ['Public notice on company website',
'Direct notifications to affected individuals'],
'threat_actor': 'Unidentified Cybercriminal',
'title': 'Data Breach at The Gatesworth Communities via Third-Party IT Vendor',
'type': 'Data Breach (Third-Party Vendor Compromise)'}