Cyber Incident Victim: LifeLong Medical Care

On November 24, 2020, LifeLong Medical Care experienced a ransomware attack impacting approximately 115,000 individuals. The incident originated through systems managed by Netgain, a third-party service provider, which initially detected anomalous network activity but did not confirm the ransomware nature of the intrusion until February 25, 2021. The investigation, conducted jointly by LifeLong Medical Care and Netgain, concluded on August 9, 2021, revealing that attackers accessed and/or acquired sensitive patient information. This included full names, Social Security numbers, dates of birth, patient cardholder numbers, treatment details, and diagnosis data. LifeLong Medical Care began notifying affected individuals via breach notification letters following the investigation’s completion, advising them to monitor financial accounts, credit reports, and explanation of benefits statements for fraudulent activity.

The organization established a toll-free response line (855-851-1278) for inquiries and recommended affected individuals enroll in credit monitoring services, place fraud alerts or security freezes on credit files, and obtain credit reports. The breach occurred amid heightened ransomware targeting of healthcare providers during the COVID-19 pandemic, though the specific ransomware group involved was not identified. LifeLong Medical Care’s notification did not disclose whether ransom demands were made or paid, nor did it specify operational disruptions beyond data compromise. The incident underscored third-party security risks, as Netgain’s systems facilitated the attack. No additional technical details regarding attack vectors, containment measures, or data restoration efforts were disclosed in the notification.