Southern Immediate Care Data Breach Affects Patient Data

Southern Immediate Care experienced a data breach possibly impacting both personally identifiable information (PII) and protected health information (PHI). In April 2025, the organization discovered suspicious activity within an employee's email account.

According to the Notice of Data Event on the company's website, on April 15, 2025, an investigation revealed that two employee mailboxes had been accessed without authorization by a cybercriminal and patient data may have been downloaded. Southern Immediate Care is continuing the investigation and is working to determine exactly what data was exposed and the number of individuals impacted.

According to a disclosure to the Dept. of Health & Human Services, 7,447 people had their protected health information exposed.

Southern Immediate Care's response

Southern Immediate Care responded by engaging cybersecurity experts to investigate the incident and confirm the nature and scope of the unauthorized activity. Impacted patients will be notified and required state and federal data breach disclosures will be made.

If you receive a data breach notice from Southern Immediate Care, or believe your personal and protected health information may have been compromised, you may want to:

• Carefully review any notice or communication you receive from Southern Immediate Care and enroll in free credit monitoring, if offered.
• Monitor your credit reports and financial accounts for any unusual activity.
• Be alert for phishing emails or phone calls that may use your exposed information.
• Consider placing a fraud alert or credit freeze with major credit bureaus.

The organization has also provided a dedicated phone line for questions and assistance: 205-749-2048, available Monday through Friday from 8 a.m. to 6 p.m. CT.