Major Healthcare Data Breaches and Legal Fallout in the United States
Continuum Health Alliance, a health management provider based in New Jersey, agreed to settle a consolidated class action lawsuit following a data breach in October 2023 that compromised the personal information of over 377,000 patients from its client, Consensus Medical Group. The breach involved unauthorized access to sensitive data, including names and Social Security numbers, and led to multiple legal claims consolidated in New Jersey court. The settlement was reached after mediation, with all parties agreeing it was preferable to continued litigation, though the defendants denied liability.
Separately, Denton County MHMR Center in Texas reported a significant data breach affecting nearly 109,000 patients, with unauthorized access occurring in December 2024. The compromised data included a wide range of protected health information, and affected individuals were notified and offered credit monitoring services. Additionally, Conduent, a major medical services provider, disclosed that a 2024 hacking incident impacted nearly 14.8 million Texans, a substantial increase from previous estimates, highlighting the ongoing challenges in accurately assessing the scope of large-scale healthcare data breaches and the risks posed by third-party vendors.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
13 events from the most recent confirmed update back to the earliest known activity.
Final fairness hearing scheduled for Continuum settlement
A final fairness hearing for the Continuum Health Alliance data breach settlement is scheduled for March 16, 2026. The hearing will determine whether the proposed class action settlement receives final court approval.
Continuum settlement claims deadline set
The proposed Continuum Health Alliance settlement set March 2, 2026 as the deadline for class members to submit claims. Eligible individuals can seek compensation and monitoring benefits under the agreement.
Continuum agrees to settle class action over 2023 breach
Continuum Health Alliance agreed to settle consolidated class action litigation over its October 2023 data breach. The proposed settlement provides reimbursement for out-of-pocket losses, a cash payment option, complimentary medical data monitoring, and commitments to improve security practices.
Conduent updates Texas filing to 14.79 million affected Texans
By January 2026, Conduent updated its breach report to Texas regulators to show 14,791,500 affected individuals in Texas alone, up from an earlier nationwide estimate of 10.5 million. The revised figure indicated the total U.S. impact was likely substantially higher.
Denton County begins notifying 109,000 affected patients
About a year after the December 2024 incident, Denton County MHMR Center began sending notification letters to nearly 109,000 affected current and former patients. The organization offered credit monitoring and identity protection services and said it had no evidence of misuse of the data.
Denton County reports breach to HHS OCR
Denton County MHMR Center reported its data breach to the U.S. Department of Health and Human Services' Office for Civil Rights on November 5, 2025. State attorneys general were also notified.
Conduent begins mailing breach notifications
Conduent started sending notification letters in October 2025 to affected individuals on behalf of its clients. The company also established a call center and projected notification-related costs of about $25 million by the first quarter of 2026.
SafePay claims responsibility for Conduent hack
The SafePay ransomware group publicly claimed responsibility for the Conduent breach and threatened to publish 8.5 terabytes of allegedly stolen data. Conduent was later no longer listed on the group's leak site.
Conduent detects 2024 hacking incident
Conduent detected the unauthorized access in January 2025 after attackers had exfiltrated files containing personal and health-related information. The company later tied the incident to a broad breach affecting multiple healthcare-sector clients.
Denton County MHMR Center network accessed by unauthorized party
Between December 24 and December 25, 2024, an unauthorized third party accessed Denton County MHMR Center's computer network. The breach exposed personal, medical, and biometric information of nearly 109,000 current and former patients.
Conduent intrusion begins in limited IT environment
Unauthorized access to Conduent Business Services' systems began in October 2024, leading to the exfiltration of files from a limited portion of its IT environment. The incident affected healthcare and government clients that relied on Conduent's back-office services.
Continuum notifies affected individuals of 2023 breach
Affected individuals were notified in April 2024 about the Continuum Health Alliance breach involving Consensus Medical Group patient data. The notifications informed patients that sensitive information had been accessed without authorization.
Continuum Health Alliance breach compromises 377,000+ patients
In October 2023, Continuum Health Alliance suffered a data breach affecting more than 377,000 patients of Consensus Medical Group. Exposed information included sensitive personal data such as names and Social Security numbers.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
5 references tracked. Mallory keeps watching after this page renders.
Conduent Business Services Data Breach Victim Count Swells to More Than 14.7M
hipaajournal.com
Open sourceContinuum Health Alliance Settles Class Action Data Breach Lawsuit
hipaajournal.com
Open sourceDenton County MHMR Center Data Breach Affects 109,000 Patients
hipaajournal.com
Open sourceConduent Hack Victim Count Soars by at Least 50%
govinfosecurity.com
Open sourceConduent Hack Victim Count Soars by at Least 50%
bankinfosecurity.com
Open sourceSee the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
Major Healthcare Data Breaches and Impacts in 2025
Healthcare organizations experienced a significant number of large-scale data breaches in 2025, with nearly 57 million individuals affected and at least 642 incidents reported to the Department of Health and Human Services (HHS) Office for Civil Rights. While this represents a notable decrease from the previous year, the sector continues to face substantial risks, with several high-profile breaches exposing sensitive patient information. Notable incidents include breaches at major healthcare providers and patient information portals, with some cases resulting in legal settlements and direct financial compensation to affected individuals. Among the most impactful breaches, Consulting Radiologists Ltd. agreed to a $2.2 million settlement after a 2024 breach exposed the personal and medical data of approximately 512,000 people. Additionally, New Zealand's ManageMyHealth platform reported a breach potentially affecting over 108,000 users, highlighting the global nature of healthcare data security challenges. These incidents underscore the ongoing threat to patient privacy and the financial and reputational consequences for healthcare organizations that fail to adequately protect sensitive information.
Mar 21, 2026
Healthcare Data Breach Disclosures and Litigation Affecting Hundreds of Thousands of Patients
**Bell Ambulance** reported that a February 2025 network intrusion led to the compromise of protected health information for **237,830 individuals**, after unauthorized activity was detected on **Feb. 13, 2025**. The organization said the exposed data can include **names, dates of birth, Social Security numbers, driver’s license numbers, financial account information, medical information, and health insurance information**; it offered **12–24 months** of credit monitoring/identity protection and stated it was not aware of misuse at the time of notification. The incident response included third-party forensic support, and notifications were issued in phases as the data review progressed, with additional letters sent into March 2026. Separately, **Cornerstone Specialty Hospitals** agreed to pay **$2.35 million** to settle a class action lawsuit tied to a data breach that reportedly affected **nearly 500,000 individuals**. The available reporting focuses on the settlement amount and impacted population size, indicating ongoing legal and financial consequences for large-scale healthcare data exposure even when technical details of the underlying intrusion are not publicly described in the same source.
Mar 20, 2026
Major Healthcare and Hospitality Data Breaches Expose Millions of Records
Over 4 million Texans have been affected by a significant data breach at Conduent Business Services, marking one of the largest such incidents in U.S. history. The breach has prompted legal action and investigations, with the potential for compensation for impacted individuals. In a separate incident, Doctor Alliance, a healthcare technology firm serving multiple providers, suffered a cyberattack resulting in the theft of over 1.2 million records. Attackers have threatened to release sensitive medical data, including diagnoses, prescriptions, and insurance information, unless a ransom is paid, raising serious concerns about identity theft and medical fraud. Additionally, The Thayer Hotel in New York experienced a breach in which more than 33,000 individuals had personal information stolen, including government-issued IDs and, in some cases, Social Security numbers. The hotel, located near the West Point Military Academy, has offered affected individuals free identity theft protection. While there is no evidence yet of misuse, the stolen data could be leveraged for phishing, identity theft, or malware attacks, especially given the military-affiliated clientele. These incidents highlight the ongoing risks posed by cyberattacks targeting organizations that handle sensitive personal and medical information.
Mar 21, 2026