CARE Clinic Data Breach Potentially Exposed PHI

CARE Clinic, a nonprofit organization that provides free, quality healthcare to low-income, uninsured adults in Cumberland County and bordering counties, disclosed a data breach in the United States. The organization operates primarily through the work of volunteer healthcare professionals, including doctors, dentists, nurses, pharmacists, dental assistants and pharmacy technicians.

The breach was reported to the U.S. Department of Health and Human Services on April 10, 2026. At this time, further details about when the breach was discovered, the dates during which it occurred or when affected individuals were notified have not been made publicly available.

The specific circumstances surrounding the CARE Clinic data breach remain unclear based on publicly available information.

The timeline of the breach, including when it began, when it ended and how the clinic first identified the problem, also has not been shared publicly.

The specific types of protected health information or personally identifiable information that were compromised in this incident have not been detailed in available public filings but may include medical records, health information, names, addresses, or Social Security numbers.

CARE Clinic's response to the breach

Individuals who believe they may have been impacted by the breach are encouraged to contact CARE Clinic directly for additional information and guidance.

As more information becomes available through regulatory filings, official statements or direct communications from the clinic, this article will be updated.

Potentially affected individuals should remain watchful for any official communications from the clinic.

Steps to take if your information was exposed

Because the specific types of data compromised in this breach have not yet been publicly detailed, individuals who have received care at CARE Clinic should consider taking protective measures as a precaution.

• Place a fraud alert or credit freeze with the three major credit bureaus (Equifax at 1-800-525-6285, Experian at 1-888-397-3742 and TransUnion at 1-800-680-7289) to help prevent unauthorized accounts from being opened using personal information.
• Request free credit reports at AnnualCreditReport.com and review them carefully for any accounts, inquiries or activity that appear unfamiliar or unauthorized.
• Be cautious of phishing attempts that reference CARE Clinic or this data breach by name, as scammers sometimes use real breach events to trick people into revealing additional personal details through fake emails, phone calls or text messages.
• Review medical records for accuracy by requesting copies from healthcare providers and checking for any unfamiliar treatments, prescriptions or diagnoses that could be a sign of medical identity theft.
• Monitor bank and financial statements for any unauthorized charges or withdrawals, even if financial data has not been confirmed as part of this breach, as an added layer of caution.
• Report any suspicious activity to the Federal Trade Commission at IdentityTheft.gov if signs of identity theft or fraud appear on credit reports, financial statements or medical records.