Ever Care Corporation (Right at Home), a major in-home care provider for seniors and disabled adults with over 700 global franchise locations, suffered a ransomware attack in September 2025. The hacking group Sinobi breached its systems, exfiltrating 50 GB of data, including customer records and contracts, which were later leaked on the dark web. The breach exposed sensitive personally identifiable information (PII), putting affected individuals at risk of identity theft, fraud, and financial harm. Notifications were sent to victims in October 2025, offering credit monitoring and fraud assistance. The incident highlights systemic vulnerabilities in data protection, with potential legal repercussions under data breach laws, as victims may seek compensation for damages, emotional distress, and time spent mitigating risks.
Source: https://www.claimdepot.com/investigations/right-at-home-data-breach-2025
TPRM report: https://www.rankiteo.com/company/right-at-home-of-essex-county
"id": "rig2102121102725",
"linkid": "right-at-home-of-essex-county",
"type": "Ransomware",
"date": "5/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"{'affected_entities': [{'industry': 'healthcare',
'location': ['United States',
'international (franchise-based)'],
'name': 'Ever Care Corporation d/b/a Right at Home',
'size': '700+ franchise locations',
'type': 'healthcare (in-home care services)'}],
'attack_vector': 'ransomware',
'customer_advisories': ['Enroll in credit monitoring within 90 days.',
'Check credit reports for unauthorized activity.',
'Consider legal action if eligible for compensation.'],
'data_breach': {'data_exfiltration': 'yes (50 GB of data acquired without '
'authorization)',
'personally_identifiable_information': 'yes',
'sensitivity_of_data': 'high (sensitive PII)',
'type_of_data_compromised': ['personally identifiable '
'information (PII)',
'customer data',
'contracts']},
'date_detected': '2025-09-03',
'date_publicly_disclosed': '2025-10-06',
'description': 'Ever Care Corporation, doing business as Right at Home, '
'confirmed a data breach on October 6, 2025, after detecting '
'unusual activity on September 3, 2025. The breach was part of '
'a ransomware attack claimed by the hacking group Sinobi, who '
'posted on the dark web on October 8, 2025, stating they had '
'obtained 50 GB of data, including customer data and '
'contracts. Affected individuals began receiving notifications '
'on October 23, 2025. The company is offering 12 months of '
'free credit monitoring and fraud assistance to those '
'impacted.',
'impact': {'brand_reputation_impact': 'potential reputational damage due to '
'exposure of sensitive customer data',
'data_compromised': ['customer data', 'contracts'],
'identity_theft_risk': 'high (sensitive personally identifiable '
'information exposed)',
'legal_liabilities': 'potential class action lawsuits for failure '
'to safeguard sensitive information'},
'initial_access_broker': {'data_sold_on_dark_web': 'yes (claimed by Sinobi)',
'high_value_targets': ['customer data',
'contracts']},
'investigation_status': 'ongoing (class action investigation by Shamis & '
'Gentile P.A.)',
'ransomware': {'data_encryption': 'likely (part of ransomware attack)',
'data_exfiltration': 'yes (50 GB of data exfiltrated)'},
'recommendations': ['Enroll in free credit monitoring and fraud assistance '
'within 90 days of receiving notification.',
'Obtain a free copy of credit reports from the three '
'major credit bureaus.',
'Place a security freeze or fraud alert on credit '
'reports.',
'Monitor financial accounts and credit reports for '
'suspicious activity.',
'File a police report if identity theft occurs.',
'Consider joining a class action lawsuit if eligible for '
'compensation.'],
'references': [{'source': 'Shamis & Gentile P.A. Investigation Notice'},
{'source': 'Right at Home Data Breach Notification '
'(2025-10-23)'},
{'source': 'Sinobi Dark Web Post (2025-10-08)'}],
'regulatory_compliance': {'legal_actions': 'potential class action lawsuits '
'(under investigation by Shamis & '
'Gentile P.A.)'},
'response': {'communication_strategy': 'written notifications sent to '
'affected individuals on 2025-10-23',
'incident_response_plan_activated': 'yes (investigation '
'initiated after detecting '
'unusual activity on '
'2025-09-03)',
'recovery_measures': 'offered 12 months of free credit '
'monitoring and fraud assistance via '
'Cyberscout'},
'stakeholder_advisories': 'Affected individuals notified via written letters '
'on 2025-10-23 with instructions for credit '
'monitoring enrollment.',
'threat_actor': 'Sinobi',
'title': 'Ever Care Corporation d/b/a Right at Home Data Breach and '
'Ransomware Attack',
'type': ['data breach', 'ransomware attack']}