Numotion, a subsidiary of United Seating and Mobility L.L.C., suffered a cyber-attack between **February 29, 2024, and March 2, 2024**, resulting in unauthorized access to sensitive protected health information (PHI). The breach exposed personal data, including **names, Social Security numbers, and medical records**, though the exact number of affected individuals remains undisclosed. The incident was formally reported to the **California Office of the Attorney General on July 17, 2024**. The compromised data poses significant risks, as PHI is highly valuable for identity theft, financial fraud, and targeted scams. Exposure of **Social Security numbers** increases the likelihood of long-term harm, including credit damage and unauthorized access to healthcare services. The breach underscores vulnerabilities in handling **highly regulated health data**, potentially leading to regulatory penalties under laws like **HIPAA (Health Insurance Portability and Accountability Act)**. Customers may face fraudulent activity, reputational damage to Numotion, and erosion of trust in the company’s ability to safeguard sensitive information. The delayed disclosure (nearly **five months** after detection) could further exacerbate legal and financial repercussions.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-588807
TPRM report: https://www.rankiteo.com/company/numotion
"id": "num025090625",
"linkid": "numotion",
"type": "Cyber Attack",
"date": "2/2024",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Unknown',
'industry': 'Healthcare (Mobility Solutions)',
'location': 'California, USA',
'name': 'United Seating and Mobility L.L.C (dba '
'Numotion)',
'type': 'Private Company'}],
'data_breach': {'number_of_records_exposed': 'Unknown',
'personally_identifiable_information': ['Names',
'Social Security '
'numbers'],
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Protected Health Information '
'(PHI)',
'Personally Identifiable '
'Information (PII)']},
'date_publicly_disclosed': '2024-07-17',
'description': 'The California Office of the Attorney General reported that '
'United Seating and Mobility L.L.C, dba Numotion, experienced '
'a cyber-attack between February 29, 2024, and March 2, 2024, '
'potentially exposing protected health information. The breach '
'affected an unknown number of individuals and involved '
'unauthorized access to personal data, including names, Social '
'Security numbers, and medical information.',
'impact': {'data_compromised': ['Names',
'Social Security numbers',
'Medical information'],
'identity_theft_risk': 'High (PII and PHI exposed)'},
'references': [{'date_accessed': '2024-07-17',
'source': 'California Office of the Attorney General'}],
'regulatory_compliance': {'regulations_violated': ['HIPAA (likely, due to PHI '
'exposure)',
'California Consumer '
'Privacy Act (CCPA)'],
'regulatory_notifications': ['California Office of '
'the Attorney '
'General']},
'response': {'communication_strategy': 'Public disclosure via California '
'Office of the Attorney General'},
'title': 'Cyber-Attack on United Seating and Mobility L.L.C (dba Numotion)',
'type': 'Data Breach'}