Windward Life Care Discloses Data Breach Impacting Sensitive Personal and Health Information
Windward Life Care, a San Diego-based provider of aging life care management, in-home caregiving, and private home health nursing, recently disclosed a data breach affecting an undisclosed number of individuals. The company detected unusual activity in its network on December 8, 2025, prompting an investigation with legal counsel and third-party forensic specialists.
The investigation revealed that an unauthorized individual may have accessed or copied sensitive data, with the breach believed to have begun on the same day. On January 5, 2026, the ransomware group Sinobi claimed responsibility, posting on the Tor network that it had exfiltrated 25 gigabytes of Windward Life Care’s data, including customer records, incident reports, and contracts. The group threatened to publish the data within 9 to 10 days if demands were not met.
A comprehensive review of the affected data concluded on April 6, 2026, identifying exposed information as including personally identifiable information (PII) and protected health information (PHI). Compromised data may have included names, Social Security numbers, driver’s license numbers, financial account details, medical records, health insurance information, and other sensitive identifiers.
Windward Life Care began notifying affected individuals on April 10, 2026, and reported the breach to the attorneys general of California and New Hampshire. As part of its response, the company is offering 12 months of complimentary credit monitoring, identity theft restoration services, and fraud assistance through Cyberscout. Affected individuals can enroll using a unique code provided in their notification letter, with a 90-day enrollment window. A dedicated assistance line (1-833-289-6231) has also been established for further support.
Source: https://www.claimdepot.com/data-breach/windward-life-care-2026
Windward Life Care cybersecurity rating report: https://www.rankiteo.com/company/windwardlifecare
"id": "WIN1775853062",
"linkid": "windwardlifecare",
"type": "Ransomware",
"date": "12/2025",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Undisclosed number of '
'individuals',
'industry': 'Healthcare, Aging Life Care, Home Health '
'Nursing',
'location': 'San Diego, California, USA',
'name': 'Windward Life Care',
'type': 'Healthcare Provider'}],
'attack_vector': 'Unknown (initial access broker activity suspected)',
'customer_advisories': 'Notification letters sent on 2026-04-10 with details '
'on credit monitoring and identity theft restoration '
'services',
'data_breach': {'data_exfiltration': 'Yes (25 GB)',
'file_types_exposed': ['Customer records',
'Incident reports',
'Contracts'],
'personally_identifiable_information': ['Names',
'Social Security '
'numbers',
'Driver’s license '
'numbers',
'Financial account '
'details',
'Medical records',
'Health insurance '
'information'],
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personally Identifiable '
'Information (PII)',
'Protected Health Information '
'(PHI)']},
'date_detected': '2025-12-08',
'date_publicly_disclosed': '2026-04-10',
'description': 'Windward Life Care, a San Diego-based provider of aging life '
'care management, in-home caregiving, and private home health '
'nursing, disclosed a data breach affecting an undisclosed '
'number of individuals. The breach involved unauthorized '
'access to sensitive data, including personally identifiable '
'information (PII) and protected health information (PHI). The '
'ransomware group Sinobi claimed responsibility and threatened '
'to publish the exfiltrated data if demands were not met.',
'impact': {'brand_reputation_impact': 'Likely significant',
'data_compromised': '25 gigabytes',
'identity_theft_risk': 'High',
'legal_liabilities': 'Possible regulatory fines and legal actions',
'payment_information_risk': 'High'},
'investigation_status': 'Completed (data review concluded on 2026-04-06)',
'motivation': 'Extortion, Data Theft',
'ransomware': {'data_exfiltration': 'Yes', 'ransomware_strain': 'Sinobi'},
'references': [{'source': 'Windward Life Care Data Breach Notification'}],
'regulatory_compliance': {'regulations_violated': ['HIPAA (suspected)',
'State data breach '
'notification laws'],
'regulatory_notifications': ['California Attorney '
'General',
'New Hampshire '
'Attorney General']},
'response': {'communication_strategy': 'Notification letters to affected '
'individuals, reporting to state '
'attorneys general, offering credit '
'monitoring and identity theft '
'restoration services',
'incident_response_plan_activated': 'Yes',
'third_party_assistance': 'Legal counsel and third-party '
'forensic specialists'},
'threat_actor': 'Sinobi',
'title': 'Windward Life Care Data Breach Impacting Sensitive Personal and '
'Health Information',
'type': 'Data Breach, Ransomware'}