Strauss Borrelli PLLC, a leading data breach law firm, is investigating St. Andrew’s Resources for Seniors System (“St. Andrew’s”) regarding its recent data breach. The St. Andrew’s data breach may have involved sensitive personal information and protected health information belonging to over 16,000 individuals.
ABOUT ST. ANDREW'S RESOURCES FOR SENIORS SYSTEM:
St. Andrew’s is a faith-based, senior care organization based in Missouri. Founded in 1961, St. Andrew’s offers a variety of services and lifestyle options to seniors, including active adult communities, independent living, assisted living, memory care, rehabilitation, and in-home care.3 Headquartered in St Louis, Missouri, St. Andrew’s has 11 senior communities throughout Missouri and employs over 1,000 individuals.
WHAT HAPPENED?
Recently, St. Andrew’s announced that it had experienced a data breach in which sensitive personal identifiable information and protected health information in its systems may have been accessed. According to the breach notice, on or around February 8, 2024, St. Andrew’s was alerted to suspicious activity in certain employee email accounts.1 As a result, St. Andrew’s launched an investigation to determine the nature of the incident.
Through its investigation, St. Andrew’s confirmed that sensitive personal information in its systems may have been compromised by an unauthorized third party through St. Andrew’s employee accounts on December 13, 2023. As a result, St. Andrew’s began a review of the data to determine what information had been impacted as well as identify the specific individuals affected. On January 6, 2025, St. Andrew’s completed this review. While the information impacted varies depending on the individual, the type of information potentially exposed includes:
- Name
- Social Security number
- Address
- Driver’s license number
- State identification number
- Passport number
- Military identification number
- Financial account information
- Payment card information
- Medical information
- Health insurance information
As a result of the breach, St. Andrew’s posted a notice of the incident on its website. Additionally, on February 7, 2025, St. Andrew’s began sending breach notification letters to impacted individuals. Based on the website breach notice, St. Andrew’s is providing affected individuals with a list of the specific types of sensitive information impacted and 12 months of complimentary credit monitoring services. A link to the form breach notification that St. Andrew’s posted to its website is below.
If you received a breach notification letter from St. Andrew's Resources for Seniors System:
We would like to speak with you about your rights and potential legal remedies in response to this data breach. Please fill out the form, below, or contact us at 872.263.1100 or sam@straussborrelli.com.
