Aunt Martha’s Data Breach Exposes Social Security Numbers & Health Info

On Aug. 13, 2025, Aunt Martha’s Health and Wellness detected suspicious activity within its network, prompting action to contain and investigate the situation. According to the official notice of data incident, the organization discovered that an unauthorized actor had gained access to its systems one day earlier, on Aug. 12, 2025

During this breach, the attacker exfiltrated information and deployed malware that encrypted some of the organization’s systems. The types of information potentially exposed in this breach are extensive and include both personally identifiable information (PII) and protected health information (PHI).

Impacted data may include name, address, birth date, provider or facility name, medical condition, diagnosis and/or treatment information, lab results, prescriptions and/or medications, personal history, mental health information, insurance/payment amount history, date of service, Social Security number, medical information, health insurance information, driver’s license or state identification number, and any information created, used, or disclosed during the course of providing health care services.

Aunt Martha’s Health and Wellness's response

In response to the breach, Aunt Martha’s Health and Wellness took several steps to protect its network and the individuals whose data may have been compromised. The organization proactively took systems offline, changed passwords, and engaged leading data security and privacy firms to assist with the investigation and response. They also reported the incident to law enforcement and relevant government agencies.

While the identities of affected individuals are not yet known, Aunt Martha’s is encouraging everyone who may be impacted to remain vigilant against identity theft and fraud. Individuals are advised to review account statements and explanation of benefits forms, monitor free credit reports for suspicious activity, and consider placing fraud alerts or security freezes on their credit files. The organization’s notice provides detailed instructions on how to obtain free credit reports from the three major credit bureaus, how to place a fraud alert, and how to initiate a security freeze.

Additionally, Aunt Martha’s recommends that individuals take steps to protect their medical information, such as reviewing explanation of benefits statements for unfamiliar items and contacting their insurance company or care provider for clarification.