Home
>
Data Breach>Elmcrest Children's Center

Elmcrest Data Breach: 448GB of Sensitive Info Stolen

Published
October 15, 2025
Updated
October 15, 2025
Elmcrest Data Breach: 448GB of Sensitive Info Stolen
Elmcrest Children's Center
Types of INFORMATION affected
  • Names
    Names
  • Social security numbers
    Social Security Numbers
  • Dates of birth
    Dates of Birth
  • Addresses
    Addresses
  • Government IDs
    Government IDs
  • Medical Information
    Medical Info
  • Financial Info
    Financial Info

Affected by the

Elmcrest Children's Center

data breach?

Join the Lawsuit

It's free to join. 

Elmcrest Children’s Center experienced a major data breach. The center discovered suspicious activity within its internal network and an investigation determined that a cybercriminal accessed and copied files between March 10, 2025 and July 24, 2025.

A ransomware group known as INTERLOCK claimed responsibility for the attack, stating on a dark web posting dated Aug. 4, 2025, that they had stolen 448 GB of data, comprising 627,741 files in 87,773 folders. The large volume of files taken, along with the personal and health information compromised, puts children and their families at risk for identity theft and fraud.

According to the Notice of Data Security Event Elmcrest published on its website on Oct. 2, 2025, the cyberattack investigation is still ongoing. It has been discovered that that breach compromised both personally identifiable information (PII) and protected health information (PHI).

Exposed information may include names, contact information, dates of birth, Social Security numbers, health insurance information and medical records. The total number of affected individuals has not been announced.

Elmcrest Children's Center's response

Elmcrest Children’s Center responded the breach by engaging third-party cybersecurity experts and notifying federal law enforcement. The center will continue its investigation and work to identity all impacted individuals. Required state and federal disclosures will be issued, and affected children, patients and their families will be notified by mail.

If you believe your personal information may have been compromised in this breach:

  • Carefully review any notice or communication you receive from Elmcrest Children’s Center .
  • Monitor financial accounts and credit reports for signs of identity theft.
  • Consider placing fraud alerts or credit freezes with the major credit bureaus.
  • Be cautious of unsolicited emails or phone calls requesting personal information.

More information about Elmcrest Children’s Center can be found on the Elmcrest website.

Notice Letter

This browser does not support inline PDFs. Please download the PDF to view it: Download PDF

Sources

Disclosures

Breach Summary

Affected Entity
Elmcrest Children's Center
Consumers Notification date
Date of Breach
July 24, 2025
Breach Discovered Date
Total People Affected
Information Types Exposed
  • names
  • dates of birth
  • medical information

Data Breach Settlements

Heritage Provider Network $49.99M Class Action Settlement
Kerber Eck & Braeckel LLP $1.4M Data Breach Settlement
Cascade Surgicenter Data Breach Class Action Settlement
Shields Health $15.35M Data Breach Class Action Settlement
Nuance Communications $8.5M MOVEit Data Breach Settlement
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image

What to Read Next

Pacific Seafood Data Breach Affects 40,066 People
October 15, 2025
Pacific Seafood Data Breach Affects 40,066 People
Aunt Martha’s Data Breach Exposes Social Security Numbers & Health Info
October 15, 2025
Aunt Martha’s Data Breach Exposes Social Security Numbers & Health Info
Campbell Lutyens Data Breach Affects Personal Info
October 14, 2025
Campbell Lutyens Data Breach Affects Personal Info
Compound Solutions Data Breach Exposes PII Details
October 14, 2025
Compound Solutions Data Breach Exposes PII Details