Erie Family Health Centers, a Chicago-area healthcare provider, disclosed a network intrusion that exposed sensitive personal information and protected health information for more than 570,000 individuals. The organization said an unauthorized third party had access to its network from December 10, 2025, through January 27, 2026, when suspicious activity was detected and an investigation began. Impacted data varied by person but included identifiers such as Social Security numbers, financial account information, online credentials, biometric data, and medical treatment, diagnosis, and other health records.
Erie said it secured the affected network, brought in third-party digital forensics and cybersecurity experts, notified law enforcement, and reported the incident to the U.S. Department of Health and Human Services Office for Civil Rights. The provider also said it strengthened security controls and is offering affected individuals complimentary credit monitoring and identity theft protection. No threat group had publicly claimed responsibility, and Erie had not disclosed attribution, the amount of data taken, or whether the intrusion involved a ransom demand.

Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
4 events from the most recent confirmed update back to the earliest known activity.
Erie Family Health Centers disclosed a data breach affecting over 570,000 individuals, stating that exposed information varied by person and included personal data, financial information, biometric data, online credentials, and protected health information. At the time of disclosure, no threat group had publicly claimed responsibility.
Following discovery of the incident, Erie said it secured the affected network, strengthened security measures, notified law enforcement, and reported the breach to the U.S. Department of Health and Human Services Office for Civil Rights. It also began offering affected individuals complimentary credit monitoring and identity protection services.
Erie Family Health Centers detected suspicious activity and identified unauthorized access to its internal network. The organization then launched an investigation with external digital forensics and cybersecurity experts.
A later forensic investigation determined that an unauthorized third party gained access to Erie Family Health Centers' network starting on this date. The intrusion window ultimately lasted until late January 2026.
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
3 references tracked. Mallory keeps watching after this page renders.
teiss.co.uk
Open sourcehipaajournal.com
Open sourceeriefamilyhealth.org
Open sourceMap indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.