Heritage Communities Data Breach Affects PII and PHI

On Sept. 16, 2025, Heritage Communities, an Omaha-based senior living provider, experienced a significant data breach involving its parent company, Heritage Holdings LP. The breach exposed a wide range of sensitive information, including both personally identifiable information (PII) and protected health information (PHI) of current and former residents.

The incident was the result of a network intrusion that affected systems used by Heritage, which also operates as a business associate for Orchard Pointe and OnCare Health. On Oct. 9, 2025, the hacking group, "Worldleaks", claimed responsibility for the breach and posted about it on the Tor network, alleging they had leaked corporate data from Heritage Communities.

The compromised data may have included names, addresses, dates of birth, phone numbers, driver's license numbers, email addresses, medical information and health insurance details. The exposure of PII and PHI puts current and former patients at risk of identity theft and medical fraud. The exact information exposed varies by individual, with some affected by all categories and others by only one or a few.

The company published a notification of data security incident on it website on Oct. 28, 2025. The investigation is ongoing. Heritage Communities will notify impacted information upon the conclusion of a thorough analysis.

Heritage Communities’ response

In response to the breach, Heritage Communities took immediate steps to secure its network and engaged external cybersecurity experts to conduct a thorough investigation. The company has since implemented additional security measures and is reviewing its data protection policies and procedures to prevent future incidents.

If you believe your personal information may have been compromised in this breach:

• Carefully review any notice or communication you receive from Heritage Communities or a company that does business with Heritage Communities.
• Monitor financial accounts and credit reports for signs of identity theft.
• Consider placing fraud alerts or credit freezes with the major credit bureaus.
• Be cautious of unsolicited emails or phone calls requesting personal information.

Heritage has established a dedicated toll-free call center at 1-833-318-9125, available Monday through Friday from 9 a.m. to 9 p.m. ET.