Kaye-Smith Announces Data Breach Potentially Affecting MultiCare Patients

Console and Associates, P.C.

On December 9, 2022, Kaye-Smith reported a data breach with the Office of Consumer Protection of the Montana Attorney General after hackers successfully obtained access to confidential consumer information following a ransomware attack. The breach affected information the company received from MultiCare, a large regional health network for which Kaye-Smith processes personal information as a part of the mailing services it provides. According to Kaye-Smith, the breach resulted in the names, addresses and Social Security numbers being compromised. Recently, Kaye-Smith sent out data breach letters to all affected parties, informing them of the incident and what they can do to protect themselves from identity theft and other frauds.

If you receive a data breach notification from Kaye-Smith or MultiCare, it is essential you understand what is at risk and what you can do about it. As is the case with most third-party data breaches, you may not have known that a company named Kaye-Smith existed—let alone possessed your personal information. However, as we’ve discussed in prior posts, that doesn’t affect the duty Kaye-Smith had to protect your information. To learn more about how to protect yourself from becoming a victim of fraud or identity theft and what your legal options are in the wake of the Kaye Smith data breach, please see our recent piece on the topic here.

What We Know About the Kaye Smith Data Breach

The available information regarding the Kaye Smith breach comes from the company’s data breach letter, filed with the Office of Consumer Protection of the Montana Attorney’s General office. According to this source, in June 2022, Kaye-Smith learned of a potential data security incident when it detected suspicious activity throughout its computer network. In response, the company worked with outside experts to investigate the incident and determine whether any confidential consumer information was leaked as a result.

The Kaye Smith investigation confirmed that the company had been the victim of a ransomware attack. As a result of the cyberattack, hackers were able to gain access to certain files stored on the Kaye-Smith network. Further investigation revealed that some of these files contained sensitive information pertaining to one of the company’s corporate clients, MultiCare.

Upon discovering that sensitive consumer data was made available to an unauthorized party, Kaye Smith began to review the affected files to determine what information was compromised and which consumers were impacted. While the breached information varies depending on the individual, it may include your name, address, and Social Security number.

On December 9, 2022, Kaye Smith sent out data breach letters to all individuals whose information was compromised as a result of the recent data security incident. While the Kaye Smith data breach letter does not mention whether customers of any of the company’s other clients were affected, we know that the Kaye-Smith data breach affected certain MultiCare patients.

More Information About Kaye-Smith and MultiCare

Founded in 1908, Kaye-Smith is a business services company based in Renton, Washington. The company provides its corporate clients with various solutions related to branded merchandise, statement processing and billing services, inventory management, direct mail marketing, web applications, warehousing and distribution, data management and personalized fulfillment. Kaye-Smith operates three locations in Renton, WA, Portland, OR, and Boise, ID. Kaye Smith employs more than 170 people and generates approximately $39 million in annual revenue.

Founded in 1882, MultiCare is a not-for-profit healthcare company based in Tacoma, Washington. MultiCare is the largest, not-for-profit, community-based, locally-owned health system in Washington State. MultiCare operates 11 hospitals in the region, including:

  • MultiCare Allenmore Hospital in Tacoma

  • MultiCare Auburn Medical Center in Auburn

  • MultiCare Capital Medical Center in Olympia

  • MultiCare Covington Medical Center in Covington

  • MultiCare Deaconess Hospital in Spokane

  • MultiCare Good Samaritan Hospital in Puyallup

  • Mary Bridge Children’s Hospital in Tacoma

  • MultiCare Tacoma General Hospital in Tacoma

  • MultiCare Valley Hospital in Spokane Valley

  • Navos Behavioral Health Hospital in West Seattle

  • Wellfound Behavioral Health Hospital in Tacoma

MultiCare also operates MultiCare Behavioral Health Network, MultiCare Indigo Health, Mary Bridge Children’s Hospital & Health Network, Pulse Heart Institute and MultiCare Rockwood Clinic. MultiCare employs more than 20,000 people and generates approximately $2 billion in annual revenue.

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Console and Associates, P.C. | Attorney Advertising

Written by:

Console and Associates, P.C.

Console and Associates, P.C. on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide