AgeRight Clinical Services Suffers Data Breach Impacting Nearly 5,000 Individuals
On November 21, 2025, AgeRight Clinical Services, a healthcare provider specializing in senior care, disclosed a data breach affecting 4,897 individuals after detecting unauthorized access to its systems. The breach occurred over a month-long period, from August 9 to September 10, 2025, though the exact method of intrusion remains undisclosed.
The exposed data includes sensitive personally identifiable information (PII)—such as names, addresses, dates of birth, and Social Security numbers—as well as protected health information (PHI), including medical diagnoses, treatment details, and insurance records. The prolonged duration of unauthorized access suggests a sophisticated compromise of internal systems.
AgeRight reported the incident to the Oregon Attorney General’s office on the same day it notified affected individuals. While the company has not released specific details about its response, it has taken steps to secure its systems and prevent further unauthorized access, likely involving cybersecurity professionals to investigate vulnerabilities and strengthen defenses.
No responsible party has been identified in connection with the breach.
Source: https://www.claimdepot.com/data-breach/ageright-2025
AgeRight cybersecurity rating report: https://www.rankiteo.com/company/ageright
"id": "AGE1765907858",
"linkid": "ageright",
"type": "Breach",
"date": "8/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': '4897',
'industry': 'Healthcare',
'name': 'AgeRight Clinical Services',
'type': 'Healthcare Provider'}],
'customer_advisories': 'Notified affected individuals on 2025-11-21',
'data_breach': {'number_of_records_exposed': '4897',
'personally_identifiable_information': ['Names',
'Addresses',
'Dates of birth',
'Social Security '
'numbers',
'Medical diagnoses',
'Treatment details',
'Insurance '
'information'],
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personally identifiable '
'information (PII)',
'Protected health information '
'(PHI)']},
'date_detected': '2025-08-17',
'date_publicly_disclosed': '2025-11-21',
'description': 'AgeRight Clinical Services, a healthcare provider '
'specializing in senior care, discovered a significant data '
'breach affecting nearly 5,000 individuals. The breach '
'involved unauthorized access to sensitive information, '
'including personally identifiable information (PII) and '
'protected health information (PHI).',
'impact': {'data_compromised': 'Personally identifiable information (PII) and '
'protected health information (PHI)',
'identity_theft_risk': 'High'},
'investigation_status': 'Ongoing',
'post_incident_analysis': {'corrective_actions': 'Enhanced security '
'protocols'},
'references': [{'source': 'Oregon Attorney General’s office'}],
'regulatory_compliance': {'regulatory_notifications': 'Oregon Attorney '
'General’s office'},
'response': {'communication_strategy': 'Notified affected individuals on '
'2025-11-21',
'containment_measures': 'Secured systems to prevent further '
'unauthorized access',
'law_enforcement_notified': 'Oregon Attorney General’s office',
'third_party_assistance': 'Cybersecurity professionals'},
'title': 'AgeRight Clinical Services Data Breach',
'type': 'Data Breach'}