On January 9, 2025, EncompassCare filed a notice of data breach with the Attorney General of Massachusetts after discovering that an unauthorized party was able to access confidential information that had been entrusted to the company. In this notice, Encompass Care explains that the incident resulted in an unauthorized party being able to access consumers’ sensitive information, which includes their names, addresses, phone numbers, dates of birth, Social Security numbers, medical information, and health insurance information. Upon completing its investigation, Encompass Care began sending out data breach notification letters to all individuals whose information was affected by the recent data security incident.
If you received a data breach notification from EncompassCare, it is essential you understand what is at risk and what you can do about it. A data breach lawyer can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft, as well as discuss your legal options following the EncompassCare data breach. For more information, please see our recent piece on the topic here.
What Caused the EncompassCare Data Breach?
The EncompassCare data breach was only recently announced, and more information is expected in the near future. However, Encompass Care’s filing with the Attorney General of Massachusetts provides some important information on what led up to the breach. According to this source, EncompassCare identified unusual activity on its management company’s computer network on October 4, 2024. In response, EncompassCare contained the incident and then launched an internal investigation. Later, the company enlisted the help of third-party cybersecurity experts to conduct further investigations.
Through this investigation, EncompassCare confirmed that an unauthorized party accessed its management company’s IT network on September 17, 2024. There was also evidence suggesting that during the period of unauthorized access, the hackers acquired documents containing confidential consumer information.
After learning that sensitive consumer data was accessible to an unauthorized party, EncompassCare reviewed the compromised files to determine what information was leaked and which consumers were impacted. EncompassCare completed this process on November 19, 2024. While the breached information varies depending on the individual, it may include your name, address, phone number, date of birth, Social Security number, medical information, and health insurance information.
On January 9, 2025, EncompassCare sent out data breach letters to anyone who was affected by the recent data security incident. These letters should provide victims with a list of what information belonging to them was compromised.
More Information About EncompassCare
EncompassCare is a healthcare provider specializing in rehabilitation and skilled nursing services, partnering with long-term care facilities to deliver patient-centered care. Headquartered in Lima, Ohio, the organization offers physical, occupational, and speech therapy services tailored to the unique needs of each patient. EncompassCare focuses on improving patient outcomes through innovative treatment programs and dedicated support for healthcare facilities. The organization employs approximately 41 employees and generates an estimated $6.5 million in annual revenue.
