.png)
ModMed Data Breach Exposes PII & PHI, Affecting 198,795 Individuals
Modernizing Medicine, a company that provides electronic health records and other services to podiatry practices, experienced a data breach. On July 21, 2025, the organization detected suspicious activity within its computer servers.
On July 29, 2025, an investigation revealed that an unauthorized actor accessed and copied files containing sensitive information between July 9, 2025, and July 10, 2025. The cyber security incident compromised both personally identifiable information (PII) and protected health information (PHI). ModMed began notifying its impacted healthcare providers on Sept. 19, 2025.
According to notices mailed to affected individuals on Oct. 17, 2025, exposed information may have included full names, addresses, dates of birth, Social Security numbers, phone numbers, email addresses, health insurance information, medical record numbers, patient account numbers, dates of service, providers, practice names, billing and diagnostic codes, prescription and medication information and diagnosis and treatment information.
The cyberattack was reported to the Vermont Attorney General's office on Oct. 20, 2025.
Modernizing Medicine also disclosed to the Massachusetts Attorney General and the Montana Attorney General on Oct. 17, 2025. Impacted patients includes at least 737 Massachusetts residents and 22 in Montana. According to a release from the HHS on Jan. 13, 2026, the total number of individuals affected is 198,795.
Modernizing Medicine's response
ModMed responded to the breach by blocking further unauthorized access, engaging cybersecurity experts and notifying law enforcement. In addition to required state and federal disclosures, the organization is offering individuals with compromised Social Security numbers free IDX credit monitoring and identity theft protection services.
If you receive notification from Modernizing Medicine or your provider about this breach, you may want to:
- Sign up for the free credit monitoring and identity theft protection services, offered by ModMed.
- Monitor your credit reports and financial accounts for any unusual activity.
- Be alert for phishing emails or phone calls that may use your exposed information.
- Consider placing a fraud alert or credit freeze with major credit bureaus.
Names
Social Security Numbers
Dates of Birth
Addresses
Government IDs
Medical Info
Financial Info- Affected information types not yet disclosed
Data Breach Settlements
.webp)
.webp)
.webp)
.webp)
.webp)
.webp)
.webp)
Subscribe to our weekly class actions newsletter.
.svg)