.png)
Healthcare Services Group Data Breach Investigation
Shamis & Gentile P.A., one of the nation's premier class action law firms specializing in data breach cases, is investigating the Healthcare Services Group, Inc. data breach.
If you were affected by the data breach, your sensitive personally identifiable information may have been exposed, and you may be eligible for compensation.
About Healthcare Services Group, Inc.
Healthcare Services Group (HSGI) is a company that provides housekeeping, laundry, dining and nutritional services to the healthcare industry. The company works with a wide range of healthcare facilities, including nursing homes, rehabilitation centers and hospitals across the United States.
The company is headquartered in Bensalem, Pennsylvania and has thousands of employees.
What happened?
On October 7, 2024, Healthcare Services Group discovered that unauthorized actors had gained access to certain computer systems. An investigation determined that the unauthorized access occurred between Sept. 27, 2024, and Oct. 3, 2024.
The ransomware group Underground claimed responsibility for the attack and posted about the breach on the Tor dark web network.
Healthcare Services Group began notifying affected individuals by mail on Aug. 25, 2025. The cybersecurity incident was disclosed to the Maine, Massachusetts and Texas Attorneys' General offices beginning on Aug. 25 and Aug. 26, 2025.
Information Exposed:
- Name
- Date of birth
- Address
- Social Security number
- Driver’s license or state ID number
- Financial account information
- Medical information
- Health insurance information
The data breach compromised the personal and protected health information of at least 624,496 individuals across the United States.
Impact by State:
- Texas: 82,280 residents
- Massachusetts: 25,583 residents
- South Carolina: 11,533 residents
- Maine: 3,871 residents
Your Rights and Next Steps
If you received a notification letter from Healthcare Services Group, you have important rights and options. You may be entitled to seek compensation for any harm or inconvenience caused by this cybersecurity incident.
- Identity theft protection services: Enroll in the 24 months of free Experian IdentityWorks credit monitoring and identity theft restoration services, provided by HSGI.
- Monitor your accounts carefully: Check your financial statements regularly for suspicious activity or unauthorized transactions. If you notice anything unusual, contact your financial institution immediately.
- Fraud alert and credit reports: A fraud alert informs creditors to take extra steps to verify your identity before opening new accounts in your name. Consumers are also entitled to one free credit report annually from each credit bureau. You can request a fraud alert or a credit report by contacting any one of the three major credit bureaus.
- Seek legal help: Lawyers are ready to help you understand your rights and pursue compensation.
You May Be Entitled to Compensation
If you were affected by the Healthcare Services Group Inc. data breach, you could be eligible to join a class action lawsuit and seek compensation. This could include damages such as time spent monitoring accounts, emotional distress or actual financial losses.
Legal action can also help hold companies accountable for failing to protect sensitive data. To find out if you qualify, complete the form below to join the lawsuit investigation.
.svg)