Home
>
Data Breach>Resource Corporation of America

Resource Corporation of America Data Breach Exposes PHI and PII

Published
February 18, 2026
Updated
February 18, 2026
Resource Corporation of America Data Breach Exposes PHI and PII
Resource Corporation of America

Affected by the

Resource Corporation of America

data breach?

Join the Lawsuit

Resource Corporation of America (RCA), a Texas-based healthcare revenue cycle and reimbursement solutions provider, has experienced a data breach affecting sensitive personal and health information.

The incident was discovered on Dec. 17, 2025, after the company detected suspicious activity within certain computer systems. An investigation, supported by external cybersecurity specialists, revealed that unauthorized actors accessed and copied files from RCA’s systems between Dec. 9 and Dec. 17, 2025.

The breach was the result of a ransomware attack carried out by the MEDUSA group, who claimed responsibility and threatened to publish the stolen data on the dark web if their demands were not met. MEDUSA posted about the attack on Jan. 4, 2026, on their Tor network site, stating they had obtained internal data and would release it within 15 to 16 days.

The information exposed in this breach includes both personally identifiable information (PII) and protected health information (PHI). The copied files may contain names, addresses, dates of birth, Social Security numbers, health insurance details, and medical diagnosis and treatment information.

The incident was disclosed to the public on the company's website.

Resource Corporation of America's response

Upon discovering the breach, Resource Corporation of America secured its systems and launched a comprehensive investigation with the help of cybersecurity experts. RCA has also taken steps to enhance its data protection policies and security measures to help prevent similar incidents in the future.

Affected individuals are advised to:

  • Review account statements and explanation of benefits for suspicious activity
  • Monitor their credit reports for errors or unauthorized activity
  • Consider placing a fraud alert or credit freeze with major credit bureaus

RCA has established a dedicated toll-free number, 844-726-0950, available Monday through Friday from 9 a.m. to 5 p.m. Central time, for individuals seeking more information about the breach.

Types of INFORMATION affected
  • Names
    Names
  • Social security numbers
    Social Security Numbers
  • Dates of birth
    Dates of Birth
  • Addresses
    Addresses
  • Government IDs
    Government IDs
  • Medical Information
    Medical Info
  • Financial Info
    Financial Info
  • Affected information types not yet disclosed

Notice Letter

This browser does not support inline PDFs. Please download the PDF to view it: Download PDF

Sources

Disclosures

Breach Summary

Affected Entity
Resource Corporation of America
Consumers Notification date
Date of Breach
December 17, 2025
Breach Discovered Date
December 17, 2025
Total People Affected
Information Types Exposed
  • benefits eligibility
  • health insurance
  • medical treatment
  • names
  • addresses
  • dates of birth
  • Social Security numbers
  • health insurance information
  • medical diagnosis
  • treatment information

Data Breach Settlements

Constar Financial Services Data Breach Settlement
Nova Recovery Center Data Breach Class Action Settlement
Norton Healthcare $11M Data Breach Class Action Settlement
Tri Counties Bank $1.19M Data Breach Class Action Settlement
Apex Global Solutions Data Breach Class Action Settlement
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image

What to Read Next

Triad Radiology Data Breach Exposes Sensitive Info
February 18, 2026
Triad Radiology Data Breach Exposes Sensitive Info
Atlas Transfer & Storage Co.: Data Breach: SSNs, Financial Information, and More Exposed.
February 18, 2026
Atlas Transfer & Storage Co.: Data Breach: SSNs, Financial Information, and More Exposed.
Easterseals NE Indiana Data Breach: PII and PHI Exposed
February 18, 2026
Easterseals NE Indiana Data Breach: PII and PHI Exposed
NCBHS Data Breach Exposes Sensitive Information
February 18, 2026
NCBHS Data Breach Exposes Sensitive Information