Ennoble Care Data Breach: Sensitive Information Exposed

On April 17, 2025, Ennoble Care & Circa Health, LLC (“Ennoble Care”) experienced a cybersecurity incident, potentially exposing sensitive data. Based on the information currently available, the breach may have exposed both personally identifiable information (PII) and protected health information (PHI).

According to the notice of data security incident posted on Ennoble Care's website, the company discovered that an employee email account had been accessed by an unauthorized party. The company immediately launched a forensic investigation to determine the scope and impact of the incident. As of this writing, the investigation is ongoing, and it is not yet clear how many individuals have been affected.

The potentially compromised data includes names, addresses, dates of birth, hospice status (such as admitted, recertified, discharged or revoked), status dates (including admission dates, certification periods, and discharge or revocation dates), and various order statuses (such as CTI, SN, MSW, CH, HHA and others).

The exposure of PII and PHI puts individuals at risk of identity theft and medical fraud.

Ennoble Care's response

Upon learning of the unauthorized access, Ennoble took immediate action to secure the affected email account and began a comprehensive forensic review, which is ongoing.

If you believe your personal information may have been compromised in this breach:

• Carefully review any notice or communication you receive from Ennoble Care.
• Monitor financial accounts and credit reports for signs of identity theft.
• Consider placing fraud alerts or credit freezes with the major credit bureaus.
• Be cautious of unsolicited emails or phone calls requesting personal information.

To assist those who may be affected, Ennoble has set up a dedicated toll-free response line at 844-934-6547, available Monday through Friday from 11 a.m. to 8 p.m., ET.