Ever Care Corporation (Right at Home)

On October 6, 2025, Ever Care Corporation (operating as Right at Home) suffered a ransomware attack executed by the Sinobi group, which exfiltrated 50 GB of data, including customer information, contracts, and potentially protected health information (PHI) and personally identifiable information (PII). The breach was first detected on September 3, 2025, but publicly disclosed on October 24, 2025, after the threat actors posted details on a dark web forum. The company confirmed unauthorized access and acquisition of files, though the full scope of exposed consumer data remains undisclosed.In response, Right at Home offered 12 months of complimentary credit monitoring via Cyberscout (TransUnion) to affected individuals, along with fraud assistance and credit alert services. The breach poses risks of identity theft, financial fraud, and misuse of sensitive health data, prompting the company to advise vigilance through credit freezes, fraud alerts, and monitoring of financial accounts. A dedicated helpline was established for inquiries, but the long-term repercussions—such as regulatory penalties, reputational damage, or operational disruptions—remain uncertain.

Source: https://www.claimdepot.com/data-breach/right-at-home-2025

TPRM report: https://www.rankiteo.com/company/evercare

"id": "eve4402244102725",
"linkid": "evercare",
"type": "Ransomware",
"date": "9/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"

{'affected_entities': [{'industry': 'Home Healthcare',
                        'name': 'Ever Care Corporation (Right at Home)',
                        'type': 'Healthcare Services'}],
 'customer_advisories': ['Notification letters sent to affected individuals',
                         'Dedicated assistance line (800-405-6108) for '
                         'questions and support',
                         'Guidance on credit monitoring, fraud alerts, and '
                         'free credit reports'],
 'data_breach': {'data_exfiltration': True,
                 'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High (includes PII and potential PHI)',
                 'type_of_data_compromised': ['Customer Information',
                                              'Contracts',
                                              'Personally Identifiable '
                                              'Information (PII)',
                                              'Potentially Protected Health '
                                              'Information (PHI)']},
 'date_detected': '2025-09-03',
 'date_publicly_disclosed': '2025-10-24',
 'description': 'On Oct. 6, 2025, Ever Care Corporation, which does business '
                'as Right at Home, experienced a data breach detected on Sept. '
                '3, 2025. The breach was attributed to a ransomware attack by '
                'the Sinobi group, who claimed to have stolen 50 GB of data, '
                'including customer information and contracts. Personal '
                'information, potentially including PII and PHI, was exposed. '
                'The company is offering affected individuals 12 months of '
                'complimentary credit monitoring and fraud assistance services '
                'through Cyberscout.',
 'impact': {'data_compromised': ['Customer Information',
                                 'Contracts',
                                 'Personally Identifiable Information (PII)',
                                 'Potentially Protected Health Information '
                                 '(PHI)'],
            'identity_theft_risk': 'High (due to PII and potential PHI '
                                   'exposure)'},
 'initial_access_broker': {'data_sold_on_dark_web': 'Claimed by Sinobi group '
                                                    '(50 GB of data posted on '
                                                    'dark web forum on '
                                                    '2025-10-08)'},
 'investigation_status': 'Ongoing (as of reporting date)',
 'ransomware': {'data_exfiltration': True},
 'recommendations': ['Monitor credit reports regularly',
                     'Place a security freeze or fraud alert on credit files',
                     'Watch for suspicious activity on financial accounts',
                     'Enroll in complimentary credit monitoring services '
                     'within 90 days of notification'],
 'references': [{'source': "Maine Attorney General's Office (Breach "
                           'Notification)'},
                {'source': 'Right at Home Customer Advisory'}],
 'regulatory_compliance': {'regulatory_notifications': ['Maine Attorney '
                                                        'General (disclosed on '
                                                        '2025-10-24)']},
 'response': {'communication_strategy': ['Notification letters to affected '
                                         'individuals',
                                         'Dedicated assistance line '
                                         '(800-405-6108)',
                                         'Instructions for credit monitoring '
                                         'and fraud alerts'],
              'incident_response_plan_activated': True,
              'recovery_measures': ['Offering 12 months of complimentary '
                                    'single bureau credit monitoring, credit '
                                    'report, and credit score services'],
              'third_party_assistance': ['Cyberscout (TransUnion) for credit '
                                         'monitoring and fraud assistance']},
 'threat_actor': 'Sinobi group',
 'title': 'Data Breach at Ever Care Corporation (Right at Home) Due to '
          'Ransomware Attack',
 'type': ['Data Breach', 'Ransomware Attack']}