.png)
Mosaic Life Care Data Breach Affects 145,269 Patients
Names
Social Security Numbers
Dates of Birth
Addresses
Government IDs
Medical Info
Financial Info
On April 29, 2025, Heartland Regional Medical Center, known locally as Mosaic Life Care, discovered a major data breach that impacted the security of sensitive patient information. The breach, which began as early as January 22, 2025, affected a reported 145,269 individuals across the United States. The incident involved unauthorized access to both personally identifiable information (PII) and protected health information (PHI).
The types of information exposed in this breach were extensive and included names, Social Security numbers, dates of birth, driver’s license numbers, insurance information, dates of service, treating physicians, treatment and diagnostic information, as well as medication information.
The breach was disclosed to the U.S. Department of Health and Human Services on June 27, 2025, as documented in the official HHS breach report.
The breach is considered severe due to the breadth of sensitive data involved and the large number of individuals affected. However, the specific method of unauthorized access and the party responsible have not been publicly disclosed.
Heartland Regional Medical Center d/b/a Mosaic Life Care's response
Following the discovery of the breach, Mosaic Life Care took immediate steps to secure its systems and investigate the extent of the incident. The organization has notified affected individuals and regulatory authorities, as required by law. A comprehensive notice has been posted on the Mosaic Life Care website, providing guidance and resources for those impacted.
Given the nature of the exposed information, individuals affected by the breach are encouraged to:
- Monitor their credit reports and financial accounts for signs of fraudulent activity
- Be alert for phishing attempts or suspicious communications referencing their medical or personal data
- Consider placing a fraud alert or credit freeze with major credit bureaus
- Review any correspondence from Mosaic Life Care for specific instructions or resources, such as access to credit monitoring or identity protection services
Because both PII and PHI were involved, it is especially important for affected individuals to remain vigilant in protecting their identities and personal medical information.
Additional information about the organization and its services can be found on the Mosaic Life Care website.
Protect Your Data
A breach notice means your personal details could be circulating far beyond the organization involved. One practical step is continuous monitoring: services such as Identity Defender (included with an ExpressVPN subscription) can automatically check dark-web markets, flag new credit-file activity, and request removal of your information from data-broker sites.
This kind of “early-warning system” can’t undo a breach, but it can help you spot misuse quickly and limit further exposure. ExpressVPN is offering 61% off, risk-free for 30 days, with ID Theft Insurance included and no extra cost for those who sign up for one or two years.
Data Breach Settlements
.webp)
.webp)
.webp)
.webp)
.webp)
.webp)
.webp)
Subscribe to our weekly class actions newsletter.
.svg)