ID Care Data Breach Exposes Sensitive PHI and PII

ID Care, New Jersey’s largest network of board-certified infectious disease specialists, recently experienced a data breach that may impact its current and former patients.

On Nov. 5, 2025, the company detected suspicious activity within its computer network. A prompt investigation, assisted by cybersecurity experts, revealed that an unauthorized actor had gained access to a subset of ID Care’s network on the same day.

The intruder was able to access or download certain files without authorization.

At this time, the full scope of the breach is still being determined, as ID Care continues a comprehensive review to identify which individuals and what information were affected. However, it has been confirmed that the files accessed may have contained a combination of personally identifiable information (PII) and protected health information (PHI).

The types of data potentially exposed include full name, address, Social Security number, date of birth, health insurance information, and medical information such as treatment details, diagnoses, and prescription information.

The company has not disclosed the total number of individuals impacted as the investigation remains ongoing.

The company posted a notice of the data privacy event on its website.

ID Care's response

As a precaution, ID Care encourages affected individuals to remain vigilant by monitoring account statements, credit reports, and explanations of benefits for any unusual or suspicious activity. Individuals are advised to promptly report any suspicious activity to their health care provider, insurance company, or financial institution.

ID Care is in the process of notifying potentially affected individuals by written letter, once the review of impacted files is complete.

The company has provided resources and guidance for protecting personal information, including how to request free credit reports, place fraud alerts, or initiate credit freezes with the major credit bureaus.

Additional information can be found in the official notice, and affected individuals can contact ID Care at 908-281-0221, by email at hipaa@idcare.com, or by mail at 105 Raider Blvd, Suite 101, Hillsborough, NJ 08844.