Modernizing Medicine (ModMed), a provider of electronic health records (EHR) and healthcare IT services, suffered a data breach in July 2025. An unauthorized actor accessed and exfiltrated sensitive files between July 9–10, 2025, compromising personally identifiable information (PII) and protected health information (PHI). Exposed data included full names, addresses, Social Security numbers, medical records, health insurance details, billing codes, prescription information, and treatment histories. The breach affected at least 737 Massachusetts residents, with additional victims across multiple practices. ModMed detected suspicious activity on July 21, 2025, confirmed the breach on July 29, and began notifying impacted parties in September–October 2025. The company responded by blocking further access, engaging cybersecurity experts, and reporting to law enforcement. Affected individuals were offered free credit monitoring and identity theft protection. The incident highlights risks to patient privacy, financial fraud, and medical identity theft, with potential long-term reputational and operational consequences for ModMed.
Source: https://www.claimdepot.com/data-breach/modernizing-medicine-2025
TPRM report: https://www.rankiteo.com/company/modernizing-medicine
"id": "mod1692816102125",
"linkid": "modernizing-medicine",
"type": "Breach",
"date": "7/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"{'affected_entities': [{'customers_affected': 'Multiple practices and patients '
'(including at least 737 '
'Massachusetts residents)',
'industry': 'Healthcare IT / Electronic Health Records '
'(EHR)',
'location': 'United States (primarily serving podiatry '
'practices)',
'name': 'Modernizing Medicine (ModMed)',
'type': 'Healthcare Technology Company'},
{'customers_affected': 'Patients of affected practices '
'(total number not disclosed)',
'industry': 'Healthcare / Podiatry',
'location': 'United States (including Massachusetts '
'and Vermont)',
'name': 'Podiatry Practices (Customers of ModMed)',
'type': 'Healthcare Providers'}],
'customer_advisories': ['Offered free IDX credit monitoring and identity '
'theft protection services to individuals with '
'compromised Social Security numbers',
'Advised monitoring of credit reports and financial '
'accounts',
'Warned about potential phishing attempts using '
'exposed data',
'Recommended fraud alerts or credit freezes'],
'data_breach': {'data_exfiltration': True,
'number_of_records_exposed': 'At least 737 (Massachusetts '
'residents); total number not '
'disclosed',
'personally_identifiable_information': ['Full names',
'Addresses',
'Dates of birth',
'Social Security '
'numbers',
'Phone numbers',
'Email addresses',
'Health insurance '
'information',
'Medical record '
'numbers',
'Patient account '
'numbers'],
'sensitivity_of_data': 'High (includes Social Security '
'numbers, medical records, and '
'financial information)',
'type_of_data_compromised': ['Personally Identifiable '
'Information (PII)',
'Protected Health Information '
'(PHI)']},
'date_detected': '2025-07-21',
'date_publicly_disclosed': '2025-09-19',
'description': 'Modernizing Medicine, a provider of electronic health records '
'and services to podiatry practices, experienced a data breach '
'in July 2025. An unauthorized actor accessed and copied files '
'containing sensitive personally identifiable information '
'(PII) and protected health information (PHI) between July 9 '
'and July 10, 2025. The breach was detected on July 21, 2025, '
'and investigations confirmed the unauthorized access. '
'Affected individuals were notified starting September 19, '
'2025, with disclosures made to state attorneys general in '
'October 2025. The breach impacted at least 737 Massachusetts '
'residents, among other patients and practices. ModMed '
'responded by blocking unauthorized access, engaging '
'cybersecurity experts, notifying law enforcement, and '
'offering credit monitoring and identity theft protection '
'services to affected individuals.',
'impact': {'brand_reputation_impact': 'Potential reputational damage due to '
'exposure of sensitive health and '
'personal data',
'data_compromised': ['Personally Identifiable Information (PII)',
'Protected Health Information (PHI)',
'Full names',
'Addresses',
'Dates of birth',
'Social Security numbers',
'Phone numbers',
'Email addresses',
'Health insurance information',
'Medical record numbers',
'Patient account numbers',
'Dates of service',
'Providers',
'Practice names',
'Billing and diagnostic codes',
'Prescription and medication information',
'Diagnosis and treatment information'],
'identity_theft_risk': 'High (Social Security numbers, health '
'insurance, and financial data exposed)',
'legal_liabilities': 'Potential legal liabilities due to exposure '
'of PII and PHI under HIPAA and state laws',
'systems_affected': ['Computer servers']},
'initial_access_broker': {'high_value_targets': ['PII and PHI databases']},
'investigation_status': 'Completed (as of public disclosures in October 2025)',
'ransomware': {'data_exfiltration': True},
'recommendations': ['Sign up for free credit monitoring and identity theft '
'protection services offered by ModMed',
'Monitor credit reports and financial accounts for '
'unusual activity',
'Be alert for phishing emails or calls exploiting exposed '
'information',
'Consider placing a fraud alert or credit freeze with '
'major credit bureaus'],
'references': [{'source': 'Modernizing Medicine (ModMed) Official Website',
'url': 'https://www.modmed.com'},
{'date_accessed': '2025-10-17',
'source': 'Massachusetts Attorney General Data Breach '
'Notification'},
{'date_accessed': '2025-10-20',
'source': 'Vermont Attorney General Data Breach '
'Notification'}],
'regulatory_compliance': {'regulations_violated': ['Potential HIPAA '
'violations',
'State data breach '
'notification laws (e.g., '
'Massachusetts, Vermont)'],
'regulatory_notifications': ['Massachusetts '
'Attorney General '
'(disclosed Oct. 17, '
'2025)',
'Vermont Attorney '
'General (disclosed '
'Oct. 20, 2025)',
'Federal disclosures '
'(likely HHS/OCR under '
'HIPAA)']},
'response': {'communication_strategy': ['Notified impacted healthcare '
'providers (starting Sept. 19, 2025)',
'Mailed notices to affected '
'individuals (Oct. 17, 2025)',
'Disclosed to Massachusetts Attorney '
'General (Oct. 17, 2025)',
'Disclosed to Vermont Attorney '
'General (Oct. 20, 2025)'],
'containment_measures': ['Blocked further unauthorized access'],
'incident_response_plan_activated': True,
'law_enforcement_notified': True,
'third_party_assistance': ['Cybersecurity experts']},
'stakeholder_advisories': ['Notified healthcare providers (Sept. 19, 2025)',
'Notified affected individuals (Oct. 17, 2025)'],
'threat_actor': 'Unauthorized Actor',
'title': 'Modernizing Medicine (ModMed) Data Breach - July 2025',
'type': ['Data Breach', 'Unauthorized Access']}