Living Innovations

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

Living Innovations, a service provider for individuals with long-term illnesses or developmental disabilities, experienced a significant data breach in June 2022. The breach was identified due to unusual activity within several employee email accounts between June 6 and June 14, 2022. This incident was the result of a phishing attack, a common cyberattack method where attackers trick employees into providing sensitive information or downloading malicious software. The primary aim of the attack seemed to be to induce payment on a fraudulent invoice, but it also resulted in unauthorized access to sensitive client information contained within the affected email accounts[1].

The compromised information includes names, health insurance or Medicaid information, Social Security numbers, and other details related to services received at Living Innovations. The breach potentially exposed data for 4,000 people[3][4]. In response to the breach, Living Innovations sent out data breach letters to all affected parties, advising them on how to protect themselves from potential identity theft and fraud. The company also reviewed the affected files to determine the extent of the compromised information and took steps to strengthen their email security protocols and provide additional training to employees on detecting and avoiding phishing emails[1].

Living Innovations, founded in 1996 and based in Augusta, Maine, operates in New Hampshire, Maine, Rhode Island, and Connecticut. In 2021, it became a service of Mosaic, a larger organization that provides care for individuals experiencing disabilities. The company employs more than 473 people and generates approximately $88 million in annual revenue[1].

This breach was part of a larger trend of cyberattacks targeting healthcare and related service providers, with phishing attacks being particularly prevalent due to the sensitive consumer information these organizations handle[1].

Citations:

  1. https://www.jdsupra.com/legalnews/living-innovations-reports-data-breach-6268888/
  2. https://livinginnovations.com/privacy-policy/
  3. https://indepthnh.org/2022/09/09/data-for-150000-people-potentially-exposed-in-medical-facility-leaks-in-n-h/
  4. https://www.businessnhmagazine.com/article/medical-data-for-150ampcomma000-nh-residents-possibly-exposed
  5. https://www.doj.nh.gov/consumer/security-breaches/c.htm
  6. https://healthitsecurity.com/news/third-party-mailing-error-exposes-37k-ssns-at-sound-health-and-wellness-trust
  7. https://stacker.com/new-hampshire/biggest-health-care-data-breaches-you-should-know-about-new-hampshire
  8. https://livinginnovations.com
  9. https://www.indeed.com/cmp/Living-Innovations/reviews
  10. https://www.mass.gov/doc/assigned-data-breach-number-28076-living-innovations/download
  11. https://www.doj.nh.gov/consumer/security-breaches/n.htm
Breach Submission Date Aug 05, 2022
Converted Entity Name Living Innovations
Converted Entity Type Healthcare Provider
State NH
Individuals Affected 4,000
Breach Type Hacking/IT Incident

Breach Information Location Email

Business Associate Present Yes