Posted On August 11, 2022 Consumer Privacy & Data Breaches
On August 5, 2022, Living Innovations reported a data breach after the company confirmed that one or more unauthorized parties were able to obtain access to several employee email accounts. Based on an official filing from the company, the incident resulted in an unauthorized party gaining access to clients’ names, health insurance or Medicaid information, Social Security numbers, and other information related to any services received at Living Innovations. After confirming that consumer data was leaked, Living Innovations began sending out data breach notification letters to all individuals who were impacted by the recent data security incident.
If you received a data breach notification, it is essential you understand what is at risk. The data breach lawyers at Console & Associates, P.C. are actively investigating the Living Innovations data breach on behalf of people whose information was exposed. As a part of this investigation, we are providing free consultations to anyone affected by the breach who is interested in learning more about the risks of identity theft, what they can do to protect themselves, and what their legal options may be to obtain compensation from Living Innovations.
According to an official notice filed by the company, on June 7, 2022, Living Innovations detected unusual activity within several employee email accounts. In response, with the assistance of outside cybersecurity professionals, the company launched an investigation into the potential data security incident.
This investigation confirmed that an unauthorized party was able to access several employee email accounts between June 6, 2022 and June 14, 2022. Living Innovations believes that the cyberattack was designed to induce payment on a fraudulent invoice; however, the unauthorized party also had access to all client information contained within the affected email account.
After discovering that sensitive consumer data was accessible to an unauthorized party, Living Innovations then reviewed the affected files to determine what information was compromised and which consumers were impacted. While the breached information varies depending on the individual, it may include your name, health insurance or Medicaid information, Social Security number, and other information related to any services received at Living Innovations to you or your loved one.
On August 5, 2022, Living Innovations sent out data breach letters to all individuals whose information was compromised as a result of the recent data security incident.
Founded in 1996, Living Innovations provides individuals with long-term illnesses or developmental disabilities and children with health and behavioral needs. Living Innovations is based in Augusta, Maine, and has locations throughout New Hampshire, Maine, Rhode Island and Connecticut. In 2021, Living Innovations became a service of Mosaic, a larger organization that provides care for women and children experiencing disabilities. Living Innovations employs more than 473 people and generates approximately $88 million in annual revenue.
At Console & Associates, P.C., our consumer privacy lawyers monitor all security and data breaches to help affected consumers pursue their legal remedies. We offer free consultations to victims of data breaches and can explain your rights in clear, understandable terms so you can make an informed decision about how to proceed with your case. If you’ve been affected by the Living Innovations data breach or any other data security incident, Console & Associates, P.C., will investigate your case at no charge and offer you thorough advice about how to most effectively proceed with your case. If you decide to bring a case, we only get paid if you do. If your claim is successful, any legal fees are either paid by the defendant or come out of the funds recovered from the defendant. If your claim doesn’t result in a recovery, you will pay nothing.
Below is a copy of the initial data breach letter issued by Living Innovations (the actual notice sent to consumers can be found here):
Living Innovations, a service of Mosaic, is committed to protecting the confidentiality and security of our clients’ information. This notice is to inform our clients and their guardians, where appropriate, of a recent email phishing incident that may have involved some of that information.
On June 7, 2022, Living Innovations became aware of unauthorized access within our employee email environment. With the assistance of a cybersecurity firm, we determined that an unauthorized person gained access to a small number of employee email accounts between June 6 and June 14, 2022. The evidence suggests that this was an attempt to induce a fraudulent invoice payment—and not to access client information. However, because we could not rule out that client information may have been viewed, we reviewed all emails and attachments in the mailboxes. Our review identified client health insurance or Medicaid information, Social Security numbers, and limited information related to services received at Living Innovations.
Living Innovations is mailing letters to all affected clients. If you believe you are affected by this incident, and do not receive a letter by September 12, 2022, please call (833) 559-0155, Monday through Friday 8 am – 10 pm CST, Saturday and Sunday 10 am – 7 pm CST (excluding major U.S. holidays). Please be prepared to provide Experian with Engagement Number: [Redacted]. Although we have no indication that any information will be misused, in an abundance of caution, we are recommending clients and their guardians review healthcare statements for accuracy and report any services not received to the insurer. We are also offering complimentary credit monitoring and identity theft protection services to those who are eligible.
Living Innovations takes client privacy and confidentiality very seriously. To help prevent something like this from happening again, we strengthened our email security protocols and will provide additional training to our employees on how to detect and avoid phishing emails.