Persante Health Care Data Breach Exposes PII & PHI of 111,815

On or about Jan. 28, 2025, Persante Health Care, a national provider of sleep and balance center management services, discovered unauthorized activity within its network. The exposed data is extensive and includes both personally identifiable information (PII) and protected health information (PHI).

An investigation with external cybersecurity experts revealed that an unknown actor, later identified as the ransomware group INC RANSOM, gained access to Persante’s systems between Jan. 23 and Jan. 28, 2025. During this period, files containing sensitive personal and health information were accessed or acquired.

Compromised information may have included names, dates of birth, Social Security numbers, driver’s license numbers, state and government identification numbers, tax ID Numbers, medical information and health insurance information. The exposure of PII and PHI puts individuals at risk of identity theft and medical fraud.

The severity of this breach is significant due to the breadth of information involved and the method of attack. INC RANSOM, a known ransomware group, claimed responsibility for the incident and posted sample data on its dark web portal, indicating that data was not only accessed but also exfiltrated.

According to the U.S. Department of Health and Human Services, this data breach has impacted at least 111,815 individuals across the U.S.

The breach affected individuals connected to Persante’s partner medical facilities across several states. The company became aware of the full scope of the incident after a detailed review of impacted data, which concluded on Oct. 3, 2025. Persante Health Care posted a notice of data security incident on its website and notified impacted individuals by mail on Nov. 26, 2025.

According to the Massachusetts Attorney General disclosure, 39 residents of the state have been affected. Additionally, the New Hampshire Attorney General's office reports at least nine residents have been impacted. However, this is an ongoing investigation, and the number of impacted individuals is subject to change.

Persante Health Care’s response

Immediately after detecting the suspicious activity, Persante Health Care secured its network and engaged external cybersecurity experts to investigate. The company notified the Federal Bureau of Investigation and is cooperating with law enforcement. A comprehensive review of affected files was conducted to determine whose information was involved.

If you believe your personal information may have been compromised in this breach:

• Carefully review any notice or communication you receive from Persante Health Care or a company that does business with Persante Health Care.
• Monitor financial accounts and credit reports for signs of identity theft.
• Consider placing fraud alerts or credit freezes with the major credit bureaus.
• Be cautious of unsolicited emails or phone calls requesting personal information.

The company has set up a dedicated toll-free call center at 844-354-1778, available Monday through Friday from 9 a.m. to 6:30 p.m. ET, to answer questions and provide guidance.