25% off all training courses Offer ends May 8, 2026
View HIPAA Courses
Learner Login Learner Support
Learner Login Learner Support
25% off all training courses
View HIPAA Courses
Offer ends May 8, 2026

The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

Numotion Ransomware Attack Affects More Than 602,000 Individuals

Posted By on Jun 10, 2024

United Seating and Mobility, L.L.C., a provider of wheelchair and mobility equipment that does business as Numotion, discovered on March 2, 2024, that an unauthorized third party had access to its computer systems and used ransomware to encrypt files. Immediate action was taken to secure its systems and prevent further unauthorized access and a third-party cybersecurity company was engaged to conduct a forensic investigation to determine the scope of the unauthorized activity.

Forensic investigations often take several weeks before it is confirmed that hackers accessed or acquired files containing sensitive data; however, two days after the attack on March 4, 2024, Numotion verified that the unauthorized third party had access to its systems from February 29, 2024, to March 2, 2024, and may have acquired sensitive data such as names, dates of birth, equipment order details, supporting medical documentation, and medical insurance information. A subset of the affected individuals also had their Social Security numbers and/or driver’s license numbers exposed.

The breach notice submitted to the Maine Attorney General says consumer notifications were issued to the affected individuals on April 15, 2024, and indicates 4,190 individuals were affected; however, on May 1, 2024, Numotion filed a breach report with the HHS’ Office for Civil Rights that states 602,265 individuals had their protected health information exposed or stolen in the attack.

Numotion said it is unaware of any actual or attempted misuse of data as a result of the incident; however, as a precaution, individuals whose Social Security numbers or driver’s license numbers were involved have been offered complimentary identity theft protection services. A toll-free number – 866-528-8846 – has been set up for individuals requiring further information about the incident. The line is manned Monday through Friday, from 8:00 AM to 5:30 PM Central Time.

Get The FREE
HIPAA Compliance Checklist

Immediate Delivery of Checklist Link To Your Email Address

Please Enter Correct Email Address

Your Privacy Respected

HIPAA Journal Privacy Policy

Numotion said it has implemented additional technical security measures to prevent similar incidents in the future and will continue to remain on guard against these types of attacks to protect the safety of its patients and the security of their information.

Author: Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist