Wichita, KS-based senior living company Legend Senior Living and San Diego-based home health provider Buena Vista Management Services, doing business as Winward Life Care, this month confirmed ransomware attacks that occurred in December.
Meanwhile, Legend Senior Living also notified residents April 10, saying that a forensic review completed last month determined that unauthorized access to files containing personal and protected health information had occurred between July 27 and Aug. 15.
The leaked information details such as home addresses, email addresses, Social Security numbers, driver’s license numbers, medical information and payment methods. The Worldleaks threat group has claimed responsibility for the cyberattack, HIPAA Journal reported.
“Worldleaks proceeded to leak the stolen data, indicating the ransom was not paid. It is currently unclear how many individuals have been affected in total,” the journal reported. “The Texas Attorney General was informed that 5,006 Texas residents were affected.”
Windward began notifying affected individuals April 10 of a cybersecurity incident that took place on or around Dec. 8.
According to the company’s forensic investigation, an unauthorized third party gained access to its network, where it was able to access personal or sensitive information similar to the data stolen in the Legend Senior Living breach.
“While Windward Life Care did not describe the incident as a ransomware attack, a ransomware group has claimed responsibility for the attack,”according to HIPAA Journal. “Despite the incident being detected on the same day as its network was breached, [financially motivated ransomware group] Sinobi claims to have encrypted files and exfiltrated 25 gigabytes of data from the network.”
