Life in Motion Family Wellness Center Data Breach Affects 3,747 Indiana Patients

Life in Motion Family Wellness Center, operated by Kathalene Keller Riney NP, LLC in Indiana, has reported a significant data breach affecting 3,747 patients to the U.S. Department of Health and Human Services. The cybersecurity incident, disclosed on August 12, 2025, involved unauthorized access to the practice's electronic medical records system.

What Happened

Life in Motion Family Wellness Center experienced a data breach that compromised sensitive personal identifiable information and protected health information belonging to over 3,700 patients. The breach occurred through unauthorized access and disclosure of data stored in the practice's electronic medical record system.

According to breach notifications, the healthcare provider has identified and secured the source of the breach. The practice has notified federal, state, and local agencies in accordance with HIPAA breach reporting requirements. A police investigation is currently ongoing, with Life in Motion Family Wellness Center and Kathalene Keller Riney, NP providing full cooperation to law enforcement and regulatory agencies.

Prominent data breach law firm Strauss Borrelli PLLC has announced they are investigating the incident, which often indicates the potential for class action litigation as affected patients seek remedies for the exposure of their sensitive health information.

Who Is Affected

The breach impacts 3,747 individuals who received healthcare services from Life in Motion Family Wellness Center. The affected patients had their personal identifiable information and protected health information stored in the practice's electronic medical record system at the time of the unauthorized access.

Patients of Kathalene Keller Riney, NP, who operates the Indiana-based family wellness practice, should be aware that their sensitive health data may have been compromised. The practice is required under HIPAA to notify all affected individuals directly about the breach within 60 days of discovery.

Breach Details

The Life in Motion Family Wellness Center data breach is classified as an "Unauthorized Access/Disclosure" incident affecting electronic medical records. While specific technical details about the attack method have not been disclosed, the involvement of law enforcement suggests this may have been a criminal cybersecurity incident.

Key breach facts:

• Entity: Kathalene Keller Riney NP, LLC DBA Life in Motion Family Wellness Center
• Location: Indiana
• Affected Individuals: 3,747 patients
• Breach Type: Unauthorized Access/Disclosure
• System Compromised: Electronic Medical Record
• Date Reported to HHS: August 12, 2025
• Law Enforcement: Police investigation ongoing
• Legal Investigation: Strauss Borrelli PLLC investigating potential class action

The practice has stated that the source of the breach has been identified and secured, indicating they have taken steps to prevent further unauthorized access to patient data.

What This Means for Patients

Patients affected by the Life in Motion Family Wellness Center breach face several potential risks from the exposure of their protected health information and personal identifiable information:

Identity Theft Risk: Personal information exposed in healthcare breaches can be used by criminals to open fraudulent accounts, file fake tax returns, or commit other forms of identity theft.

Medical Identity Theft: Criminals may use stolen health information to obtain medical services, prescription drugs, or file fraudulent insurance claims, which can impact patients' medical records and insurance coverage.

Privacy Violations: The unauthorized disclosure of sensitive health information represents a fundamental violation of patient privacy rights protected under HIPAA.

Financial Impact: Patients may face costs related to credit monitoring, identity theft protection, and resolving fraudulent activities resulting from the breach.

The ongoing police investigation suggests this incident may involve criminal activity, which could increase the likelihood that stolen data will be misused for illegal purposes.

How to Protect Yourself

If you are a patient of Life in Motion Family Wellness Center, take these immediate steps to protect yourself:

Monitor Financial Accounts: Review bank statements, credit card bills, and insurance statements for any unauthorized activity. Report suspicious transactions immediately.

Check Credit Reports: Obtain free credit reports from all three major credit bureaus (Equifax, Experian, TransUnion) and look for unfamiliar accounts or inquiries.

Consider Credit Freezes: Place security freezes on your credit files to prevent criminals from opening new accounts in your name.

Watch for Medical Identity Theft: Review medical insurance statements and explanation of benefits forms for services you didn't receive.

Stay Alert for Phishing: Be cautious of emails, calls, or texts claiming to be related to the breach, as criminals often exploit these incidents for additional scams.

Document Everything: Keep records of all communications related to the breach and any steps you take to protect yourself.

Contact the Practice: Reach out to Life in Motion Family Wellness Center for specific information about what data was compromised and what protective measures they are offering.

Prevention Lessons for Healthcare Providers

The Life in Motion Family Wellness Center breach highlights critical cybersecurity vulnerabilities that healthcare providers must address:

Electronic Medical Record Security: Healthcare practices must implement robust security measures for EMR systems, including access controls, encryption, and monitoring for unauthorized access.

Incident Response Planning: Having a comprehensive breach response plan enables faster identification, containment, and reporting of security incidents.

Employee Training: Regular HIPAA and cybersecurity training helps staff recognize and prevent potential security threats.

Risk Assessments: Conducting regular security risk assessments helps identify vulnerabilities before they can be exploited by cybercriminals.

Business Associate Management: Ensuring all business associates have appropriate safeguards and breach notification procedures in place.

Law Enforcement Coordination: Establishing relationships with law enforcement agencies can facilitate faster response to criminal cybersecurity incidents.

Smaller healthcare practices like Life in Motion Family Wellness Center are often targeted by cybercriminals who view them as having weaker security defenses than larger healthcare systems. This incident demonstrates that no practice is too small to be targeted and that comprehensive cybersecurity measures are essential for all healthcare providers.

The involvement of a law firm investigating potential class action litigation also underscores the significant legal and financial consequences healthcare providers face when patient data is compromised.

Protect your practice with AI-powered HIPAA compliance. Get started with HIPAA Agent.