Medical device manufacturer LivaNova USA is sending notifications to 130,000 individuals warning that their personal information was compromised in an October 2023 data breach.
The incident, according to a notification letter to the impacted individuals, was identified on November 19, roughly one month after hackers breached its network. LivaNova says it took certain systems offline in response to the incident, without sharing further details on the nature of attack.
In December 2023, however, the LockBit ransomware gang claimed responsibility for the incident and for the theft of 2.2 terabytes of data from the company.
According to LivaNova, its investigation determined in April that the hackers stole personal information from its systems, including names, addresses, dates of birth, phone numbers, email addresses, Social Security numbers, medical information, and health insurance information.
The medical device maker disclosed to the Maine Attorney General’s Office that 129,219 individuals were impacted by the incident and that it was offering them two years of free identity protection and credit monitoring services.
LivaNova first disclosed the attack on April 25, in an incident notice on its website, which revealed that it had resumed manufacturing in certain locations that were affected by the disruption.
The notice also revealed that the hackers first accessed LivaNova’s systems on October 26, nearly one month after the ransomware attack was discovered.
“The incident resulted in a disruption to portions of the Company’s information technology systems. In the course of its investigation, the company determined that its systems were first accessed by an unauthorized party around October 26, 2023,” LivaNova said.
In February, the company announced that it had incurred costs of $2.6 million during the fourth quarter of 2023 because of this incident.
Related: MediSecure Data Breach Impacts Patient and Healthcare Provider Information
Related: Kaiser Permanente Data Breach Impacts 13.4 Million Patients
Related: Ardent Hospitals Diverting Patients Following Ransomware Attack
Related: Tampa General Hospital Says Patient Information Stolen in Ransomware Attack