Methodist Homes of Alabama & Northwest Florida, a faith-based nonprofit providing senior care services, suffered a cyberattack in October 2024. An unauthorized actor accessed its network between October 2–14, 2024, compromising sensitive personal and medical data of 25,579 individuals across the U.S. Exposed information included full names, Social Security numbers, dates of birth, driver’s license/state ID numbers, medical records (diagnoses, treatments, history), health insurance details, financial account/bank routing numbers, and patient account numbers. The breach was confirmed after a year-long investigation, with notifications sent to victims in October 2025. The incident was reported to the U.S. Department of Health and Human Services (HHS) and multiple state regulators. Affected individuals were offered free credit monitoring, but the exposure of highly sensitive health and financial data poses severe risks, including identity theft, financial fraud, and medical fraud. Legal firms are pursuing class-action lawsuits for compensation, citing violations of data protection laws and potential long-term harm to victims.
Source: https://www.claimdepot.com/investigations/methodist-homes-data-breach-2025
TPRM report: https://www.rankiteo.com/company/methodist-homes-of-alabama-and-northwest-florida
"id": "met2503025100825",
"linkid": "methodist-homes-of-alabama-and-northwest-florida",
"type": "Cyber Attack",
"date": "10/2024",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 25579,
'industry': 'healthcare (senior living and care '
'services)',
'location': {'headquarters': 'Birmingham, AL, USA',
'operational_areas': ['Alabama',
'Northwest '
'Florida']},
'name': 'Methodist Homes of Alabama & Northwest '
'Florida',
'size': {'communities_operated': 13,
'individuals_impacted': 25579},
'type': 'nonprofit organization'}],
'customer_advisories': ['Enroll in credit monitoring (TransUnion Cyberscout).',
'Monitor accounts for unauthorized activity.',
'Consider fraud alerts or credit freezes.',
'Contact financial institutions if suspicious '
'activity is detected.',
'Consult legal representatives for compensation '
'claims.'],
'data_breach': {'data_exfiltration': 'likely (data accessed or obtained by '
'cybercriminals)',
'number_of_records_exposed': 25579,
'personally_identifiable_information': ['full name',
'Social Security '
'number',
'date of birth',
'driver license/state '
'ID number',
'medical record '
'number (MRN)',
'patient account '
'number',
'health insurance '
'information'],
'sensitivity_of_data': 'high (includes SSN, medical records, '
'financial details)',
'type_of_data_compromised': ['personally identifiable '
'information (PII)',
'protected health information '
'(PHI)',
'financial information']},
'date_detected': '2024-10-01',
'date_publicly_disclosed': '2025-01-30',
'date_resolved': '2025-09-02',
'description': 'Shamis & Gentile P.A. is investigating a data breach at '
'Methodist Homes of Alabama & Northwest Florida, a faith-based '
'nonprofit senior care provider. The breach, detected in '
'October 2024, exposed sensitive personally identifiable '
'information (PII) and protected health information (PHI) of '
'25,579 individuals. The compromised data includes names, '
'Social Security numbers, medical records, financial account '
'details, and more. Notification letters were sent to affected '
'individuals in October 2025, and the incident was reported to '
'regulatory authorities, including the U.S. Department of '
'Health and Human Services (HHS).',
'impact': {'brand_reputation_impact': 'high (potential loss of trust in '
'senior care services)',
'data_compromised': ['first and last name',
'Social Security number',
'date of birth',
'driver license or state ID number',
'medical record number (MRN)',
'patient account number',
'Methodist/Methodist numbers',
'health insurance information',
'medical diagnosis',
'diagnosis and treatment',
'medical history information',
'clinical information',
'medical information',
'type of discharge',
'financial account numbers',
'bank routing numbers'],
'identity_theft_risk': 'high (PII and PHI exposed)',
'legal_liabilities': ['potential lawsuits', 'regulatory fines'],
'payment_information_risk': 'high (financial account numbers and '
'routing numbers exposed)',
'systems_affected': ['computer network']},
'initial_access_broker': {'high_value_targets': ['patient data (PII/PHI)',
'financial information']},
'investigation_status': 'completed (review concluded 2025-09-02)',
'motivation': ['financial gain', 'data theft'],
'recommendations': ['Enroll in free credit monitoring (TransUnion '
'Cyberscout).',
'Monitor financial statements for suspicious activity.',
'Place a fraud alert on credit reports.',
'Request annual free credit reports from major bureaus.',
'Seek legal counsel for potential compensation (e.g., '
'out-of-pocket expenses, emotional distress).'],
'references': [{'source': 'Shamis & Gentile P.A. Investigation Notice'},
{'source': 'U.S. Department of Health and Human Services (HHS) '
'Breach Portal'},
{'source': 'Maine and New Hampshire State Authorities'}],
'regulatory_compliance': {'legal_actions': ['potential class-action lawsuits '
'(under investigation by Shamis & '
'Gentile P.A.)'],
'regulations_violated': ['HIPAA (likely)',
'state data breach laws '
'(e.g., Maine, New '
'Hampshire)'],
'regulatory_notifications': [{'agency': 'U.S. '
'Department '
'of Health '
'and Human '
'Services '
'(HHS)',
'date': '2025-01-30'},
{'agency': 'Maine '
'state '
'authorities',
'date': '2025-10-07'},
{'agency': 'New '
'Hampshire '
'state '
'authorities',
'date': '2025-10-07'}]},
'response': {'communication_strategy': ['direct notification to affected '
'individuals',
'public disclosure via regulatory '
'filings (HHS, state authorities)',
'legal advisory for potential '
'compensation claims'],
'incident_response_plan_activated': True,
'remediation_measures': ['notification letters to affected '
'individuals (sent 2025-10-03)',
'free single-bureau credit monitoring '
'(TransUnion Cyberscout)',
'fraud alert recommendations',
'credit report access guidance'],
'third_party_assistance': ['TransUnion Cyberscout (credit '
'monitoring services)']},
'stakeholder_advisories': ['Notification letters to affected individuals '
'(2025-10-03).',
'Public advisory via legal investigation (Shamis & '
'Gentile P.A.).'],
'threat_actor': 'cybercriminal(s)',
'title': 'Methodist Homes of Alabama & Northwest Florida Data Breach (2024)',
'type': ['data breach', 'unauthorized access']}