Senior housing and assisted living operator.
Legend Senior Living, a Wichita-based senior-living operator, was accessed by an unauthorized actor between about July 27 and August 15, 2025; the WorldLeaks extortion group posted a leak claim on September 18, 2025. A DataBreach.com parse of the leaked data found roughly 409,300 emails, 996,000 home addresses, 576,000 phone numbers, and 32,700 Social Security numbers (distinct values that overlap across individuals). Legend's official notifications (April 10, 2026) reported exposure of names, addresses, SSNs, driver's licenses, government IDs/passports, financial account information, and medical/health-insurance data. State filings disclosed only small subsets (e.g., 5,006 Texas residents; 12 MA; 6 ME; 4 NH) and the national total remains undisclosed; the 996,013 figure is a raw address-parse count and likely overstates distinct affected individuals.
ObscureIQ assessment: Extremely sensitive. Exposure can enable identity theft, medical fraud, and exploitation of elderly residents and their families. Senior-care context also signals vulnerability and dependency.
Because the records tie individuals to an elder-care operator, exposure signals a vulnerable, dependency-prone population that fraudsters actively target. Confirmed circulating identifiers (names, addresses, phones, Social Security numbers) create identity-theft and elder-scam risk; Legend’s notification additionally reported driver’s licenses, passports/government IDs, financial account information, and medical/health-insurance data, which would sharply increase medical- and financial-fraud risk if in the full dump. The breach also affects residents’ families and staff.
Legend Senior Living is a U.S. senior-housing and assisted-living operator headquartered in Wichita, Kansas, operating residential-care communities across Colorado, Florida, Kansas, Missouri, Oklahoma, Pennsylvania, and Texas. It maintains resident identity, health and care, billing, and family/guardian records along with employee data.
Senior-living providers collect resident identity, contact, health and care records, billing information, family or guardian details, and operational records across residential-care workflows.
An unauthorized actor accessed Legend servers between roughly July 27 and August 15, 2025; the WorldLeaks extortion group posted a claim on September 18, 2025. Legend preliminarily completed its file review on March 12, 2026 and began notifying affected individuals on April 10, 2026, offering credit monitoring through Cyberscout (a TransUnion company). Multiple class-action investigations followed.
Field names are shown in full for clarity and search visibility. Canonical machine keys are emitted only in this page’s structured data.
Attribution and method are based on available breach intelligence. Reported attack vector: Ransomware / Extortion.
If you believe your information may be included:
Legend Senior Living, a Wichita-based senior-living operator, was accessed by an unauthorized actor between about July 27 and August 15, 2025; the WorldLeaks extortion group posted a leak claim on September 18, 2025. A DataBreach.com parse of the leaked data found roughly 409,300 emails, 996,000…
Verified fields include Email Address, Phone Number, Physical Address, Social Security Number.
Change reused passwords, enable MFA, and (if identity or financial data is involved) freeze your credit and monitor your accounts.
Every claim on this page is traceable. This breach draws on:
Enter your email to check whether your data appears in this breach. We’ll send a 6-digit code to confirm it’s your address.
Be the first to know when new breaches are disclosed. Free forever — confirm your email with a 6-digit code.
Executives, public figures, and high-visibility operators can receive tailored exposure intelligence and hardening guidance.
Request Consultation