On October 14, 2022, Lifespire Services, Inc. filed notice of a data breach with the U.S. Department of Health and Human Services Office for Civil Rights after the organization experienced a cybersecurity threat compromising information stored on its servers. According to Lifespire, the breach resulted in the following data elements being compromised: names, addresses, Social Security numbers, dates of birth, driver’s license numbers, passport numbers, bank account information, credit card information, medical diagnosis and treatment information, Medicare numbers, Medicaid numbers, and health insurance information. Also on October 14, 2022, Lifespire sent out data breach letters to all affected parties, informing them of the incident and what they can do to protect themselves from identity theft and other frauds.

The Lifespire data breach letter is an important resource for those whose information was leaked as a result of the recent incident. However, what the letter may not tell you is that the threat of identity theft and fraud are very real in the wake of a data breach, especially one such as this involving highly sensitive information. If you received a “Notice of Data Security Incident” letter from Lifespire, please take the time to review the following steps to take to protect yourself in the wake of a data breach.

More Information About the Lifespire Services Data Breach

What we know about the Lifespire Services breach comes from the company’s filing with the U.S. Department of Health and Human Services Office for Civil Rights. Lifespire also posted a “Notification of Data Security Incident” page on its website. According to these sources, on February 8, 2022, Lifespire Services first learned of an incident affecting its computer systems. While the company did not elaborate on the nature of the incident, in response to the discovery, Lifespire suspended its network to prevent future access and began working with a cybersecurity firm to investigate the incident.

The company’s investigation confirmed that certain files containing sensitive consumer information were accessible to an unauthorized party between January 14, 2022 and February 8, 2022.

Upon discovering that sensitive consumer data was made available to an unauthorized party, Lifespire Services began to review the affected files to determine what information was compromised and which consumers were impacted. While the breached information varies depending on the individual, it may include your name, address, Social Security number, date of birth, driver’s license number, passport number, bank account information, credit card information, medical diagnosis and treatment information, Medicare or Medicaid number, and health insurance information.

On October 14, 2022, Lifespire Services sent out data breach letters to all individuals whose information was compromised as a result of the recent data security incident. In all, it is estimated that 15,375 people were affected by the Lifespire breach.

Founded in 1951, Lifespire Services, Inc. is a New York-based organization focused on assisting those with developmental disabilities. The organization provides individuals with a wide range of services, including day habilitation services, community habilitation services, respite services, residential services, family support services and counseling services. Lifespire operates 82 locations throughout the five boroughs of New York City, as well as services and sites in Westchester, Ulster and Greene County. Lifespire Services employs more than 55 people and generates approximately $67 million in annual revenue.