Home
>
Data Breach>McElroy & Associates

McElroy & Associates (OPEH&W Health Plan) Data Breach Affects 6,633 People

Published
December 15, 2025
Updated
December 15, 2025
McElroy & Associates (OPEH&W Health Plan) Data Breach Affects 6,633 People
McElroy & Associates

Affected by the

McElroy & Associates

data breach?

Join the Lawsuit

It's free to join. 

McElroy & Associates, Inc. recently experienced a significant data breach that exposed the personally identifiable information (PII) and protected health information (PHI) of 6,633 individuals in the U.S. The breach was officially disclosed to the U.S. Department of Health and Human Services on Oct. 17, 2025.

The incident was first detected on May 30, 2025, when suspicious activity was discovered in an employee’s email account. An investigation revealed that an unauthorized actor gained access to certain emails between May 28 and May 30, 2025.

The breach allowed the intruder to access a range of sensitive information, including names, addresses, Social Security numbers, dates of birth, driver’s license numbers, financial account details, medical information, health insurance information, and usernames with passwords.

This means both personally identifiable information (PII) and protected health information (PHI) were at risk. By Sept. 3, 2025, the company finalized its analysis of the impacted data and began the process of notifying affected individuals by mail. McElroy & Associates also posted a Notice of Data Security Event on its website.

McElroy & Associates' response

In response to the incident, McElroy & Associates took several immediate steps to secure their systems and protect affected individuals. The company launched a comprehensive investigation, secured their email environment, and reviewed all potentially impacted information.

If you believe your personal information may have been compromised in this breach:

  • Carefully review any notice or communication you receive from McElroy & Associates or your provider.
  • Monitor financial accounts and credit reports for signs of identity theft.
  • Consider placing fraud alerts or credit freezes with the major credit bureaus.
  • Be cautious of unsolicited emails or phone calls requesting personal information.

For those who may have been affected but did not receive a letter, McElroy & Associates has set up a dedicated help line at 833-866-9545, available from 8 a.m. to 8 p.m. ET.

Types of INFORMATION affected
  • Names
    Names
  • Social security numbers
    Social Security Numbers
  • Dates of birth
    Dates of Birth
  • Addresses
    Addresses
  • Government IDs
    Government IDs
  • Medical Information
    Medical Info
  • Financial Info
    Financial Info
  • Affected information types not yet disclosed

Notice Letter

This browser does not support inline PDFs. Please download the PDF to view it: Download PDF

Sources

Disclosures

Breach Summary

Affected Entity
McElroy & Associates
Consumers Notification date
https://www.opehw1.com/DataSecurityIncidentWebNotice_20251016.pdf
Date of Breach
Breach Discovered Date
Total People Affected
6633
Information Types Exposed
  • name
  • address
  • Social Security number
  • date of birth
  • driver’s license number
  • financial account information
  • medical information
  • health insurance information
  • username with password

Data Breach Settlements

Sequoia Benefits and Insurance $8.7M Data Breach Settlement
Summit National Bank $400,000 Data Breach Settlement
VisionPoint Eye Center $750K Data Breach Settlement
Erickson Cos. Data Breach Class Action Settlement
First Commonwealth Federal Credit Union $1.2M Settlement
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image

What to Read Next

Victory Disability Data Breach Exposes Sensitive Patient Info
December 15, 2025
Victory Disability Data Breach Exposes Sensitive Patient Info
Marquis Companies Data Breach Exposes SSNs & Medical Info
December 15, 2025
Marquis Companies Data Breach Exposes SSNs & Medical Info
Pierce County Library Breach Impacts at Least 340,101 Individuals
December 15, 2025
Pierce County Library Breach Impacts at Least 340,101 Individuals
Expert MRI Data Breach Exposes PII & PHI
December 15, 2025
Expert MRI Data Breach Exposes PII & PHI