
Health Gorilla, a healthcare interoperability platform that enables health information exchange between medical organizations, was involved in a data breach that may have led to the unauthorized disclosure of patient health information.
Health Gorilla, founded in 2014 and headquartered in Coral Gables, Florida, operates as a health data network that connects healthcare providers, labs and other organizations to share clinical data.
The concern centers on whether companies that received patient data through Health Gorilla's exchange requests were actually authorized to access that information. The Health Information Exchange, or HIE, had not been able to verify those authorizations at the time of notification.
The breach was discovered on or about Jan. 13, 2026, according to Trinity Health's notification to consumers.
Affected medical organizations:
Federal regulations require that health information be shared electronically between doctors and hospitals involved in the treatment and care of shared patients. Health Gorilla, a member of the HIE network, manages data exchange requests for certain other companies.
On Jan. 13, 2026, Trinity Health was notified by its HIE partner of a potential unauthorized disclosure of patient health information. According to the notification, Health Gorilla stated that patient health information was needed for treatment purposes. However, the HIE was unable to confirm Health Gorilla's statements or whether the recipient companies had authorizations for the information they obtained through the HIE.
The types of information that may have been disclosed vary based on the content of the information exchanged. According to the notification, exposed data may have included names, dates of birth, demographic information such as addresses, driver's license numbers, financial information such as insurance cards, clinical information including diagnoses and conditions, care plans, treatment-related information, lab results and medication details.
The companies involved in the incident have been suspended from participation in the HIE. They are unable to request any additional health information while the HIE investigates the disclosures.
As a precautionary measure, Trinity Health is providing affected individuals with 12 months of complimentary credit monitoring and identity protection services through Cyberscout, a TransUnion company. These services include alerts when changes occur to credit files, with notifications sent the same day a change or update takes place at the credit bureau.
Affected individuals can enroll by visiting the Cyberscout enrollment page and entering the unique activation code included in their notification letter. Enrollment must be completed within 90 days of the date of the letter.
For questions about the incident, affected individuals can contact Trinity Health's dedicated assistance line at 1-833-877-5364, available Monday through Friday between 7 a.m. and 7 p.m. CT, excluding holidays. They may also write to Trinity Health at 20555 Victor Parkway, Livonia, MI 48152, or email privacyofficer@trinity-health.org.







