Elara Caring Data Breach Exposes Social Security Numbers

Elara Caring, one of the nation's largest providers of home-based care services, has disclosed a data breach involving one of its third-party vendors. The total number of individuals affected across the United States has not been publicly disclosed; however, 714 Massachusetts residents have been affected.

On Dec. 12, 2025, a third-party vendor notified Elara that an unauthorized actor had accessed and downloaded documents containing patient information from the vendor's system.Elara's own internal systems were not compromised as a result of this incident.

The unauthorized access occurred during two separate periods, between Nov. 4 and 6, 2025, and between Nov. 14 and 17, 2025.

Once Elara learned of the breach from its vendor, the company launched an investigation to determine what information was involved and to identify which patients were affected.

The types of information exposed in the breach included medical records and Social Security numbers.

The company mailed out notification letters to affected individuals on May 12, 2026.

Elara Caring's response to the breach

Elara Caring is offering 24 months of complimentary credit monitoring and remediation services through Cyberscout, a TransUnion company, at no cost. Each affected individual will receive a unique enrollment code in their notification letter.

Elara has also established a dedicated call center for individuals with questions about the breach or who need assistance with the enrollment process. The call center is available Monday through Friday from 8 a.m. to 8 p.m. Eastern time, excluding major U.S. holidays.

Steps to take if your information was exposed

• Place a fraud alert or credit freeze on credit files by contacting Equifax (1-888-766-0008), Experian (1-888-397-3742) and TransUnion (1-800-680-7289) to help prevent unauthorized accounts from being opened.
• Request free credit reports at AnnualCreditReport.com and review them carefully for unfamiliar accounts, unexpected inquiries or other suspicious activity.
• Monitor Explanation of Benefits statements from health insurers for medical services not authorized or received, since medical records were among the information exposed in this breach.
• Review bank accounts and financial statements regularly for any unauthorized transactions, given that Social Security numbers were involved in this breach.
• Be cautious of phishing attempts that reference Elara Caring or this data breach by name, as scammers sometimes use breach notifications to craft convincing emails, texts or phone calls.
• Report suspected identity theft to the Federal Trade Commission at 1-877-382-4357 and to local law enforcement.