ERMI LLC: ERMI Data Breach Lawsuit Investigation

ERMI LLC: ERMI Data Breach Lawsuit Investigation

ERMI LLC Data Breach Exposes Sensitive Health Records in Prolonged Cybersecurity Incident

A data breach at ERMI LLC, a medical device company based in Atlanta, Georgia, has exposed sensitive health records and personally identifiable information (PII) of affected individuals. The incident, discovered on July 25, 2025, involved unauthorized access to a limited number of employee email accounts.

Investigations revealed that the threat actor may have accessed or exfiltrated files between February 15, 2025, and August 14, 2025. After a detailed review, ERMI confirmed on April 17, 2026, that the compromised data included health records. The company, which specializes in home-based motion restoration programs for patients with severe mobility impairments, has not disclosed the total number of individuals impacted.

Shamis & Gentile P.A., a class action law firm, is investigating the breach and potential legal claims for affected individuals. Those who received breach notifications may be eligible for compensation. The incident underscores the risks of prolonged unauthorized access in healthcare-related cybersecurity breaches.

Source: https://www.claimdepot.com/investigations/ermi-data-breach-2026

Ermi LLC. cybersecurity rating report: https://www.rankiteo.com/company/ermi-llc.

"id": "ERM1779906503",
"linkid": "ermi-llc.",
"type": "Breach",
"date": "2/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'industry': 'Healthcare',
                        'location': 'Atlanta, Georgia',
                        'name': 'ERMI LLC',
                        'type': 'Medical Device Company'}],
 'attack_vector': 'Unauthorized access to employee email accounts',
 'data_breach': {'data_exfiltration': 'Possible',
                 'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Sensitive health records',
                                              'Personally identifiable '
                                              'information (PII)']},
 'date_detected': '2025-07-25',
 'description': 'A data breach at ERMI LLC, a medical device company, exposed '
                'sensitive health records and personally identifiable '
                'information (PII) of affected individuals. The incident '
                'involved unauthorized access to a limited number of employee '
                'email accounts, with potential data exfiltration between '
                'February 15, 2025, and August 14, 2025.',
 'impact': {'data_compromised': 'Sensitive health records and personally '
                                'identifiable information (PII)',
            'identity_theft_risk': 'High',
            'legal_liabilities': 'Potential legal claims under investigation',
            'systems_affected': 'Employee email accounts'},
 'investigation_status': 'Ongoing',
 'references': [{'source': 'Class action law firm investigation'}],
 'regulatory_compliance': {'legal_actions': 'Class action investigation by '
                                            'Shamis & Gentile P.A.'},
 'title': 'ERMI LLC Data Breach Exposes Sensitive Health Records',
 'type': 'Data Breach'}
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.