Advanced Family Surgery Center Data Breach: 100 GB Compromised

Advanced Family Surgery Center, an outpatient surgery center in Oak Ridge, Tennessee, that operates as part of the Covenant Health network, disclosed a data breach involving a network intrusion that may have exposed patients' personal and medical information.

On or around Nov. 26, 2025, Advanced Family Surgery Center became aware of a network intrusion that affected a limited number of its systems. The center took action to secure its network and launched an investigation with the help of a third-party team of forensic experts.

On Jan. 11, 2026, a ransomware group known as Genesis posted a claim on the dark web, stating that it had obtained approximately 100 GB of data from Advanced Family Surgery Center. The group claimed the stolen data included healthcare data, personal data, financial data, user folders, operational data and files from the company's file server.

Following the investigation, the company confirmed that a limited amount of protected health information may have been subject to unauthorized access.

The types of protected health information exposed included first and last name, address, date of birth, date of service, health insurance information, medical diagnosis information, medical record number, Medicare/Medicaid number, patient account number, prescription and treatment information, provider name and Social Security number.

The company posted a notice on its website on May 1, 2026. The company has notified potentially affected individuals by U.S. mail. The total number of people affected has not been publicly disclosed.

Advanced Family Surgery Center's response to the breach

Advanced Family Surgery Center directed patients to contact the three major credit reporting bureaus to place fraud alerts on their credit reports.

Advanced Family Surgery Center has established a toll-free call center for patients who have questions about the incident or related concerns. The call center can be reached at 844-784-6193 and is available from 8 a.m. to 8 p.m. Eastern time, Monday through Friday, excluding holidays.

Patients may also contact the company by email at jwinchester@advancedfamilysc.com or by writing to 944 Oak Ridge Turnpike, Suite 200, Oak Ridge, TN 37830.

Steps to take if your information was exposed

• Place a fraud alert or credit freeze with all three credit bureaus. Contact Equifax (1-888-298-0045), Experian (1-888-397-3742) and TransUnion (1-800-680-7289) to help prevent unauthorized accounts from being opened using stolen personal information.
• Request free credit reports at AnnualCreditReport.com. Review them carefully for unfamiliar accounts, unexpected inquiries or other signs of suspicious activity.
• Monitor explanation of benefits statements from health insurers. Look for services, prescriptions or provider visits that were never received, which could be a sign of medical identity theft.
• Watch for phishing attempts that reference this breach by name. Scammers may pose as Covenant Health or Advanced Family Surgery Center in emails, phone calls or text messages to trick people into sharing more personal details.
• Report suspected identity theft to the Federal Trade Commission. File a complaint at identitytheft.gov or by calling 1-877-438-4338, and consider filing a police report if there are signs that personal information has been misused.
• Review medical records for accuracy. Contact healthcare providers to request copies of medical records and check for unfamiliar entries, since exposed diagnosis and treatment information could be used to file fraudulent insurance claims.