Over 602,000 Individuals Affected by Numotion Ransomware Attack

United Seating and Mobility, L.L.C. is a company selling wheelchair and mobility equipment and is also known as Numotion. On March 2, 2024, Numotion found that an unauthorized third party got access to its computer network and encrypted files using ransomware. Prompt action was undertaken to protect its systems and block unauthorized access. A third-party cybersecurity firm conducted a forensic investigation to identify the extent of the unauthorized activity.

Forensic investigations frequently require a few weeks before it can confirm whether hackers accessed or obtained files that contain sensitive information. However, it only took two days for Numotion to verify the unauthorized access by a third party to its network. On March 4, 2024, Numotion confirmed that the attackers accessed the system from February 29, 2024, to March 2, 2024 and potentially stole
sensitive information including names, birth dates, equipment order information, supporting health records, and health insurance data. The Social Security numbers and/or driver’s license numbers of some impacted people were also compromised.

The breach notice forwarded to the Maine Attorney General states that notification letters were sent on April 15, 2024 to 4,190 consumers that were affected by the incident. However, on May 1, 2024, the breach report submitted to the HHS’ Office for Civil Rights by Numotion indicated that the protected health information (PHI) of 602,265 people was exposed or stolen during the attack.

Numotion stated it did not receive any report of actual or attempted data misuse due to the incident; nevertheless, as a safety measure, the company offered those whose driver’s license numbers or Social Security numbers were exposed to avail of free identity theft protection services. Those who need more details concerning the incident can call the toll-free number 866-528-8846. Support service is available on that line from Monday to Friday, 8:00 AM to 5:30 PM CT.

Numotion stated that it has put in place extra technical security procedures to stop the occurrence of the same cyberattacks in the future. The company will be on the lookout for these types of attacks to keep patients and their information secure.