LifeLong Medical Care Data Breach Lawsuit Investigation
On January 14, 2026, LifeLong Medical Care began notifying patients that a cybersecurity incident involving its business associate TriZetto Provider Solutions exposed sensitive personal and health-insurance data. If you received a breach letter, you can request a free, confidential case review to learn your rights and potential compensation.
Snapshot of the Breach
- Business associate involved: TriZetto Provider Solutions (TPS)
- Unauthorized access period: November 2024 – October 2, 2025
- Discovery date: October 2, 2025
- Provider notification began: December 9, 2025
- Patient letters mailed: January 14, 2026
- Identity-theft protection offered through Kroll
What Happened
LifeLong Medical Care (LifeLong Medical Care) learned from TriZetto Provider Solutions that an unauthorized actor accessed a web portal used for insurance-eligibility verification beginning in November 2024. TPS detected suspicious activity on October 2, 2025, launched an investigation with external cybersecurity experts, mitigated the intrusion, and notified law-enforcement authorities.
A comprehensive review of the affected data identified the patients whose records were accessed. TPS began informing healthcare providers, including LifeLong Medical Care, on December 9, 2025. LifeLong then mailed individual notices to impacted patients on January 14, 2026.
What Information Was Exposed?
The data accessed varies by patient and may include:
- Name
- Address
- Date of birth
- Social Security number
- Health-insurance member number (including Medicare beneficiary identifiers)
- Health insurer name
- Provider name
- Primary insured or dependent information
- Other demographic, health, and health-insurance details
No payment-card, bank-account, or other financial information was involved.
Actions Taken by LifeLong Medical Care
According to the notice, LifeLong Medical Care is:
- Working with its technical solutions partner, OCHIN, to validate vendor security safeguards.
- Reviewing internal processes to lower the risk of a similar incident.
- Coordinating with TPS and Kroll to provide identity-theft protection, a dedicated call center, and future updates to impacted individuals.
Recommended Steps for Patients
LifeLong Medical Care advises patients to:
- Enroll in the complimentary identity-monitoring services offered through Kroll once enrollment details are received.
- Stay vigilant by reviewing account statements and free annual credit reports.
- Report any suspicious activity to financial institutions immediately.
Legal Rights & Lawsuit Investigation
Healthcare providers have a duty under HIPAA and state privacy laws to safeguard protected health information. Individuals whose data was exposed may pursue claims for:
- Reimbursement of out-of-pocket expenses related to credit monitoring or fraud resolution
- Compensation for time spent addressing the breach
- Pain, suffering, or emotional distress caused by the breach
Attorneys are currently investigating potential legal claims on behalf of affected LifeLong Medical Care patients. Completing a free case review helps determine eligibility to participate in any forthcoming lawsuit or settlement.
Company Overview
Founded in 1976, LifeLong Medical Care delivers comprehensive health services to communities across the San Francisco Bay Area.
- Headquarters: 2344 Sixth Street, Berkeley, CA, United States
- Industry: Healthcare
- Employees: 1,259
- Website: lifelongmedical.org
- Founded: 1976
Frequently Asked Questions
1. I received a data breach letter from LifeLong Medical Care — what should I do?
Follow the instructions in the letter, enroll in the free identity-monitoring services offered through Kroll when available, and monitor your financial accounts and credit reports for any unusual activity.
2. How do I submit a claim related to the LifeLong Medical Care data breach?
You can request a free case evaluation with a privacy attorney to determine eligibility. Keep your breach letter and any receipts for expenses related to credit monitoring or fraud prevention.
3. What information did the LifeLong Medical Care breach expose?
Exposed data may include your name, address, date of birth, Social Security number, health-insurance details, provider name, and other demographic or insurance information.
4. Did LifeLong Medical Care offer credit monitoring, and for how long?
Yes. Impacted individuals will receive identity-theft protection services through Kroll. The enrollment instructions and coverage details will be provided in a subsequent communication from Kroll.
5. How many people were affected by the LifeLong Medical Care breach?
The total number of affected patients has not been disclosed in the public notice. LifeLong Medical Care is notifying each impacted individual directly.
6. How can I get the official breach notice (PDF) for LifeLong Medical Care?
You can download the Attorney General filing directly here or by clicking the “Download Official Breach Notice” button above.
