Able Home Care Data Breach Affects Sensitive PHI

Able Home Care, a Massachusetts-based home health agency, has experienced a data breach. A hacking group known as Worldleaks claimed responsibility for a ransomware attack on July 22, 2025. The group posted on the dark web Tor network, stating they had obtained sensitive data from the organization.

The total number of affected individuals has not been released but could be in the thousands. The breach is believed to involve both personally identifiable information (PII) and protected health information (PHI) due to the nature of Able Home Care’s services.

Compromised patient information could include names, addresses, dates of birth, Social Security numbers, driver's license and state ID numbers, health insurance information, medical records and financial or payment information.

Able Home Care's response

Able Home Care will work to identify and notify individuals affected by the data breach. The company will also be required to issue certain state and federal cybersecurity incident disclosures.

If you believe your personal and protected health information may have been compromised in this breach:

• Carefully review any notice or communication you receive from Able Home Care.
• Monitor financial accounts and credit reports for signs of identity theft.
• Consider placing fraud alerts or credit freezes with the major credit bureaus.
• Be cautious of unsolicited emails or phone calls requesting personal information.

For more information about the agency and its services, visit the Able Home Care website.