A A A

JOHN EVANS SUPPORTIVE LIVING

Affordable Assisted Lifestyle Community

Data Breach

NOTICE OF DATA SECURITY INCIDENT

Gardant Management Solutions (“Gardant”) is committed to protecting the privacy of the information entrusted to us and takes this responsibility seriously.  This commitment extends to notifying individuals when their information may be compromised.  Although we have no reason to believe that personal information has been used to commit fraud or identity theft, Gardant is notifying the public about a recent email phishing incident.

Gardant has discovered that on October 11, 2019, a third party accessed a Gardant employee’s email account without authorization.  Upon learning of the incident, Gardant promptly secured the email account to prevent further access and conducted an initial internal investigation.  Gardant also retained a leading forensic security firm to investigate and conduct a comprehensive search for any personal information in the impacted email account, and to confirm the security of our email and computer systems.

On April 9, 2020, the investigation determined that the email account contained some personal information. The information for each individual differs but included names, addresses, dates of birth, phone numbers, Social Security numbers, driver’s license, passport number, credit card information, electronic signature, medical insurance information and/or medical history information.

At this point, Gardant does not know for certain if any personal information was ever viewed by the unauthorized party and does not believe that accessing the personal information in the account was the motive behind the incident.  Gardant is also not aware of any instances of fraud or identity theft as a result of this incident.  However, out of an abundance of caution, Gardant is notifying the public of the incident.  On July 9, 2020, Gardant also mailed notification letters to potentially impacted individuals for whom it had a valid mailing address.

Affected individuals should refer to the notice they receive in the mail regarding the steps they can take to protect themselves. Individuals who did not receive a letter but believe they may have been affected, or who are seeking additional information can call Gardant’s toll free inquiry line at 855-917-3580, Monday through Friday, 9:00 a.m. to 9:00 p.m. ET.

Gardant encourages individuals to remain vigilant to the possibility of fraud and identity theft by reviewing credit card, bank, and other financial statements for any unauthorized activity. If individuals detect any suspicious activity, they should notify the entity with which the account is maintained, and promptly report the suspicious activity to appropriate law enforcement authorities, including the police and their state attorney general. In addition, anyone looking for information on fraud prevention can review tips provided by the FTC at www.ftc.gov/idtheft.

Gardant takes the security of its information seriously and sincerely apologizes for any inconvenience this incident may cause. Gardant is committed to taking steps to help prevent this from happening again, including reviewing its technical controls.

Posted on July 28, 2020

John Evans Supportive Living is managed and operated by Gardant Management Solutions (“Gardant”). Gardant experienced a data security incident that resulted in the potential access and/or acquisition to some of John Evans Supportive Living residents’ personal and medical information. While Gardant has no evidence that anyone’s information was actually viewed or acquired, and no evidence of any fraud or identify theft, Gardant has mailed notification letters to impacted residents for whom it had a valid mailing address. That notice includes information on steps individuals can take to protect themselves against potential fraud or identity theft.

Gardant discovered that on February 11, 2019, it was the victim of a cyber-phishing attack that resulted in an unauthorized third party potentially being able to view the contents of an employee’s email account. Upon learning of the incident Gardant began an internal investigation. Gardant also retained a leading forensic security firm to conduct a comprehensive search for any personal information in the impacted email account and confirm the security of its email and computer systems. Gardant also notified law enforcement. On August 6, 2019, the investigation indicated that the data impacted by the incident may have included resident names, addresses, dates of birth, Social Security numbers, medical information and billing information.

Gardant previously sent notification letters to individuals who it had addresses for, but has recently been able to identify additional addresses and sent out additional notification on March 18, 2020. Individuals whose Social Security numbers may have been impacted received an offer for free identity theft protection services.

Gardant encourages its residents to remain vigilant to the possibility of fraud and identity theft by reviewing credit card, bank, and other financial statements, as well as claims made using their insurance for any unauthorized activity. If individuals detect any suspicious activity, they should notify the entity with which the account is maintained, and promptly report the suspicious activity to appropriate law enforcement authorities, including the police and their state attorney general. In addition, anyone looking for information on fraud prevention can review tips provided by the FTC at www.ftc.gov/idtheft.

Gardant takes the security of its residents’ information very seriously and sincerely apologizes for any inconvenience this incident may cause any of its residents. If you have any questions or concerns about this incident, please contact 1-855-963-0396, Monday through Friday, 9:00 a.m. to 9:00 p.m. Eastern Time.