The Lifetime Healthcare Companies (LTHC) recently announced that its IT systems were the target of a sophisticated cyberattack and steps are being taken for the protection of all impacted individuals who do business with any of the following affected affiliated entities:
As a result of cyberattacks on other insurance companies, LTHC engaged FireEye's Mandiant incident response division, a cybersecurity firm, to conduct a forensic assessment of its IT systems. On August 5, 2015, LTHC learned that cyber attackers gained unauthorized access to its IT systems.
LTHC notified the FBI and is cooperating with the bureau's investigation.
"Protecting personal information is one of our top priorities and we take this issue seriously," says Christopher Booth, the corporation's CEO. "We're making a broad range of services available today for our members, patients, and other impacted individuals to help protect their information."
The investigation has not determined that personal information on the company's IT systems was removed or used inappropriately. However, the investigation has determined that attackers may have gained unauthorized access to approximately 3.5 million individuals' information, which could include name, date of birth, Social Security number, mailing address, telephone number, member identification number, financial account information, claims information and, in some instances, clinical information.
LTHC is beginning to mail letters to affected individuals and is providing two years of free identity theft protection services through Kroll, a global leader in risk mitigation and response solutions, including credit monitoring powered by TransUnion. A dedicated call center also has been set up for all impacted individuals. And, the company has established a dedicated website (www.lifethcfacts.com), where members and other affected individuals can view frequent questions and answers and sign up with Kroll for the free credit monitoring service and identity theft protection services. Individuals who believe they are affected by this cyberattack but who have not received a letter by November 9 are encouraged to call the number listed at that website.
"We have already taken aggressive steps to remediate our IT system of issues raised by this cyberattack," Booth says.
"We regret any concern this may cause," Booth adds. "We are providing free credit monitoring and identity theft protection to you for peace of mind. We also pledge to take additional steps to strengthen and enhance security to help avoid having something like this happen again."
Source: The Lifetime Healthcare Companies