What Happened?
On December 8, 2025, Windward Life Care identified unusual activity within its computer network. The organization engaged outside legal counsel and third-party forensic specialists to investigate. The investigation determined that an unauthorized third party gained access to the network on December 8, 2025 and may have viewed or copied files containing personal and protected health information.
On January 5, 2026, a ransomware group known as Sinobi posted a claim on the Tor network announcing it had obtained approximately 25 gigabytes of Windward Life Care’s data, including customer data, incident records, and contracts. When no ransom was paid, the group proceeded to publish the data.
Windward Life Care completed its comprehensive review of the affected data on April 6, 2026 and mailed notification letters to affected individuals on April 10, 2026. The total number of individuals affected has not been publicly disclosed.
What Information Was Exposed?
The compromised data includes both personally identifiable information and protected health information. Per official breach notices filed with state attorneys general, the types of information potentially exposed include:
- Full name and address
- Social Security number
- Driver’s license number
- Taxpayer identification number
- Passport information
- Patient and personal identification numbers
- Financial account numbers and debit or credit card numbers
- Medical information and health insurance information
- Usernames, email addresses, and account access information
- Handwriting or electronic signatures
The fact that a ransomware group has claimed to have published this data means affected individuals face ongoing and elevated risks of identity theft, financial fraud, and exploitation.
What Is Windward Life Care Doing?
Windward Life Care is offering affected individuals at least 12 months of complimentary single-bureau credit monitoring, credit report, credit score, and identity theft restoration services through Cyberscout, a TransUnion company. The company is also providing proactive fraud assistance.
To enroll, affected individuals can visit the Cyberscout activation page and enter the unique code provided in their notification letter. Enrollment must be completed within 90 days of the letter date.
Why This Incident Is Especially Concerning
A claimed data exfiltration with subsequent publication on the dark web means the stolen information may be actively circulating among bad actors. Older adults and disabled individuals whose information was exposed face a heightened and ongoing threat of:
- Identity theft and fraudulent account creation
- Tax refund fraud using stolen Social Security numbers
- Medicare and Medicaid fraud using exposed insurance details
- Financial exploitation targeting vulnerable individuals
Your Rights as an Affected Individual
If your information or the information of a family member was compromised in the Windward Life Care data security incident, you may have legal rights under California law, HIPAA, and other applicable state privacy statutes. Depending on the circumstances, you may be entitled to recover compensation for:
- The unauthorized exposure of sensitive personal and medical information
- Costs associated with credit monitoring and identity protection
- Actual financial losses resulting from identity theft or fraud
- Emotional distress caused by the exposure of private information
Contact Wilshire Law Firm for a Free Consultation
Wilshire Law Firm is actively evaluating claims on behalf of individuals affected by the Windward Life Care data security incident. Our attorneys are deeply committed to protecting the rights of consumers — especially seniors and disabled adults — whose personal information has been exposed.
We take no fees unless you get paid.
Call us 24/7 or contact us online for a free and confidential case evaluation.
