Cyber Incident Victim: NuLife Med

NuLife Med, a New Hampshire-based veteran-owned medical device company, experienced a data security incident impacting 81,244 individuals. The company discovered unauthorized access to its systems on March 11, 2022, and subsequent investigation revealed the intrusion occurred between March 9 and March 11. While NuLife Med could not definitively confirm the exact files accessed or acquired by the unauthorized actor beyond a limited number, the compromised data potentially included names, medical information, health insurance details, addresses, Social Security numbers, financial account information, and driver’s license numbers. The company emphasized its serious approach to the incident and the security of affected information in a public notice. As of May 9, 2022, NuLife Med reported no evidence of identity theft or fraud stemming from the breach.

Upon detecting the incident, NuLife Med initiated a rapid response that included launching an investigation, assessing system security, and identifying compromised data. The company did not disclose specific technical containment measures, system vulnerabilities, or whether law enforcement was involved. Its public communication focused on acknowledging the event, outlining the types of potentially exposed data, and reiterating its commitment to information security. No mention was made of offering credit monitoring or identity protection services to affected individuals. The incident’s operational impact on NuLife Med’s business functions or device manufacturing processes was not detailed in the available information.