Mobility Solution Company ‘Numotion’ Data Breach Exposes Data of Half a Million People

A security incident against mobility solution provider Numotion last year exposed the personal data of nearly half a million people.

Numotion hit by cyberattack last year

Numotion, a leading provider of mobility products and services for individuals with mobility issues, was hit by a cyberattack in 2024.

A security advisory on Numotion’s website revealed that the company only recently discovered the security breach.

“Numotion recently learned that someone accessed certain employee email accounts without authorization on several occasions between September 2, 2024, and November 18, 2024,” reads the notice. “Numotion has no reason to believe that anyone was trying to access personal information in the accounts, and there is no indication that any information has been used for fraud or identity theft.”

Attackers exposed several types of sensitive data

In investigating the incident, the company learned that threat actors had gained unauthorized access to various types of sensitive customer information.

According to Numotion, exposed data may have included:

• Full names
• Dates of birth
• Payment information
• Financial account information
• Product information
• Health insurance details
• Medical information
• Driver’s license numbers
• Social Security Numbers (SSNs)

As usual, the type and degree of data exposed to perpetrators varied by individual. Although the notice didn’t name the perpetrators, the infamous Black Basta ransomware group has reportedly claimed the attack.

Company response and mitigation

According to the security notice, Numotion has notified affected parties via email. It is unclear how or if the company alerted customers who failed to provide a valid mailing address to the company.

While Numotion claims it has no evidence that perpetrators used any of the leaked documents for identity theft or fraud, it offered complimentary identity theft protection to individuals whose Social Security numbers (SSNs) were leaked.

The importance of being prepared for data breaches

Unfortunately, in such cases, there is little customers can do to prevent their data from falling into the wrong hands. However, this doesn’t mean preparedness is futile.

Specialized services like Bitdefender Digital Identity Protection can help you monitor your online data, including traces from services you no longer use.

It constantly scans both the public and the Dark Web, notifies you instantly if you have been compromised in a data breach, and allows you to patch vulnerable spots in your digital footprint with one-click action items.