Personic Data Breach Impacts 10,929 Nationwide: Health Information Exposed

On Sept. 1, 2025, Personic Management Company LLC ("Personic"), a company operating in the hospital and health care industry, experienced a significant data breach. The cybersecurity event compromised protected health information (PHI) of at least 10,929 individuals.

An investigation revealed that an unauthorized actor accessed a third-party software platform the company uses to process patient information on Aug. 29, 2025, and acquired certain data. Exposed information may include names, contact information, dates of birth, Social Security numbers, driver's license or state ID numbers, medical records and other types of PHI.

The data breach was reported to the New Hampshire and Maine Attorney Generals' offices on Nov. 18, 2025. The exposure of protected health information puts current and former patients at risk of identity theft and medical fraud. Personic has begun notifying impacted individuals by mail.

Personic's response

In response to the breach, Personic launched an investigation and implemented steps to strengthen its cybersecurity and data management practices. In addition notifying the appropriate authorities, the company is offering 24 months of complimentary credit monitoring and identity protection services through Cyberscout.

If you receive notification from Personic or your provider about this breach, you may want to:

• Sign up for the free Cyberscout identity theft protection services, offered by Personic.
• Monitor your credit reports and financial accounts for any unusual activity.
• Be alert for phishing emails or phone calls that may use your exposed information.
• Consider placing a fraud alert or credit freeze with major credit bureaus.

For affected individuals with questions, Personic has set up a call center at 833-716-2114, Monday through Friday, 8 a.m. to 8 p.m. ET.