Patriot Outpatient Data Breach Affects 1,415 Patients

Superior Care Plus, LLC dba Supportive Home Health Care and Patriot Outpatient, LLC ("Patriot"), a provider of in-home healthcare services in Northeast Ohio, recently experienced a data breach that exposed both PHI and PII of 1,415 individuals.

The breach was first discovered on Nov. 17, 2025, when suspicious activity was detected on a company email account. Investigation revealed that the incident was the result of a phishing email, which allowed an unauthorized party to compromise a single employee’s email account.

After the breach was identified, the company changed the password for the impacted account and engaged both internal IT professionals and external cybersecurity experts to secure and remediate the situation.

The comprehensive forensic investigation was completed by Jan. 9, 2026, confirming that specific emails and files within the compromised account were accessed by the unauthorized party.

The exposed data varies by individual but consisted of first and last names, email addresses, health insurance policy numbers, city and ZIP code of residence, medical treatment information, admission and discharge dates, patient logs, referring facility, start care date, policy name, and referring primary care physician name.

For some impacted patients, Social Security numbers and/or Medicare numbers were also involved.

The breach was officially disclosed to the U.S. Department of Health and Human Services on Jan. 16, 2026. Patriot also posted a notice on their website.

Patriot Outpatient's Response

For those affected, the company is mailing individual notification letters detailing the specific information that may have been compromised.

They have also provided a toll-free helpline at 1-888-572-7322, available Monday through Friday from 8 a.m. to 4:30 p.m. Eastern Time, for individuals with questions or concerns.

It is important for affected individuals to remain vigilant for signs of identity theft or fraud. The company recommends reviewing account statements, monitoring credit reports, and considering the use of credit freezes or fraud alerts.

Resources and step-by-step guidance on how to protect personal information, including contact information for the three major credit reporting agencies, are included in the official consumer notice and are available in the PDF notice at the bottom of this page.