Vida Y Salud Health Data Breach Affects 34k Texans & Exposes Social Security Numbers

On Oct. 8, 2025, Vida Y Salud-Health Systems, Inc., a nonprofit Federally Qualified Health Center based in Crystal City, Texas, discovered suspicious activity within its computer network.

According to the data security incident notice posted on its website, an investigation with the help of cybersecurity specialists revealed that an unknown actor accessed the network between Oct. 7 and Oct. 8, 2025. During this period, files containing sensitive information were copied and potentially viewed.

According to a disclosure filed with the Texas Attorney General on Jan. 5, 2026, the breach exposed the personal and protected health information of 34,504 individuals in Texas.

The types of data involved include names, Social Security numbers, driver’s license numbers, medical information, addresses, dates of birth, account numbers and claim numbers.

The severity of this breach is significant due to the scope of information accessed and the nature of the organization’s services. The files viewed or copied could be used for identity theft or fraud, especially since Social Security numbers and medical information were involved.

Vida Y Salud-Health Systems' response

In response to the breach, Vida Y Salud-Health Systems, Inc. secured its network and launched an investigation with the assistance of leading cybersecurity experts. The organization notified federal law enforcement and reported the incident to regulatory authorities, including the U.S. Department of Health and Human Services.

To support those affected, Vida Y Salud-Health Systems, Inc. is providing access to credit monitoring and identity protection services for individuals whose information may have been involved in the breach. Notification letters with instructions for enrolling in these services are being sent by U.S. mail.

In addition, the company has posted a detailed notice on its website and established a dedicated assistance line at 833-792-0594, available Monday through Friday from 7 am to 7 pm CST, excluding holidays.

Individuals are encouraged to remain vigilant by monitoring account statements and explanations of benefits for unusual activity. They should promptly report any suspicious activity to their insurance company, health care provider or financial institution.