Centerwell Healthcare Data Breach Exposes Sensitive Patient Information Centerwell, a Kentucky-based senior healthcare provider offering primary care, pharmacy, and home health services across over 30 U.S. states, has reported a data breach to the Texas Attorney General. The incident, disclosed on March 9, 2026, involved unauthorized access to systems containing sensitive personal identifiable information (PII) and protected health information (PHI). The exact number of affected individuals remains undetermined, and the types of exposed data vary but may include medical records, financial details, and other confidential data. While Centerwell has not yet begun notifying impacted individuals, the breach report filed with Texas authorities confirms the exposure. The company, which employs over 1,000 people, has not publicly released further details about the breach’s origin or scope. Legal firm Strauss Borrelli PLLC is investigating the incident, though no legal actions have been announced. The breach underscores ongoing risks in healthcare data security, where sensitive patient information remains a prime target for cyber threats. Further updates are expected as the investigation progresses.

Humana and Centerwell Hit by Clop Ransomware Attack in August 2025 Humana confirmed a data breach in August 2025, exposing sensitive personal and medical information of an undisclosed number of individuals. Compromised data includes names, Social Security numbers, medical billing details, claims info, provider names, Humana ID numbers, patient account numbers, and health insurance data. Subsidiary Centerwell also began notifying affected individuals this month, with Texas reporting 4,618 impacted residents. The cybercriminal group Clop claimed responsibility for the breach, though Humana has not confirmed the attribution. The attack stemmed from a vendor’s software vulnerability, which Clop has exploited in other incidents, including a flaw in Oracle’s E-Business Suite. Humana is offering affected individuals 24 months of free credit monitoring and identity restoration services through Equifax, with an enrollment deadline of March 31, 2027. Clop, active since 2019, specializes in zero-day exploits and often steals data without encryption, demanding ransom to prevent leaks. In 2025, the group claimed 456 attacks, with 35 confirmed, including breaches at Parexel International and Barts Health NHS Trust. The Oracle vulnerability alone accounted for 119 claims, 29 of which were verified. The breach adds to a rising trend of ransomware attacks on U.S. healthcare entities. Comparitech recorded 31 confirmed attacks in 2025 on non-direct-care healthcare businesses, exposing data of over 196 million people. Other recent incidents include breaches at Catalyst RCM (claimed by Everest) and Resource Corporation of America (targeted by Medusa for an $800,000 ransom). Humana, the fourth-largest U.S. health insurer, has faced prior scrutiny over fraud allegations and AI-driven Medicare claim denials. Centerwell, its subsidiary, provides pharmacy, senior care, and home health services. Both companies now face a class-action lawsuit alleging inadequate data protection.