
On Feb. 5, 2026, Advanced Homecare Management, LLC dba Enhabit Home Health & Hospice "Enhabit," reported a data breach to the U.S. Department of Health and Human Services. The incident affected 22,552 individuals in the United States and involved sensitive patient information.
The incident was not caused by a direct attack on Enhabit Home Health & Hospice's systems, but rather through compromised credentials at Doctor Alliance, which provides a platform for transmitting medical information between doctors and home health agencies.
The unauthorized access took place in two separate windows: from Oct. 31, 2025, to Nov. 6, 2025, and again from Nov. 14, 2025, to Nov. 17, 2025.
During these periods, an unauthorized party accessed the Doctor Alliance platform using compromised credentials for a valid user account. This allowed the attacker to view data stored in the system, including names, addresses, dates of birth, gender, physician names, medical record numbers, certain clinical information and health plan numbers.
Notably, no Social Security numbers or financial information were exposed.
Enhabit posted an official notice to consumers on its website.
Enhabit has encouraged all affected individuals to remain vigilant against identity theft and fraud. While no Social Security or financial data was involved, the exposure of both PII and PHI means there is still a risk of misuse. Those affected are advised to:
A dedicated assistance line is available at 844-425-7470, Monday through Friday from 8 a.m. to 5:30 p.m. Central Time, excluding major U.S. holidays, to answer questions and provide support.








.webp)
.webp)
.webp)

.webp)
.webp)
.webp)
.webp)