Accenture Confirms Intrusion After Hacker Claims 35GB Data Breach
Accenture, one of the world’s largest consulting firms, has confirmed it has experienced a security breach, shortly after a hacker claimed to have breached its systems and exfiltrated 35GB of data from the company. Accenture has confirmed that it identified the source of the intrusion and remediated the incident, and that it had no impact on its financial position or operations.
Accenture provides professional services to help businesses and governments solve complex problems and assist them with the implementation of new technologies, cloud migrations, along with managed services to help them run day-to-day business processes. Its client list includes many Fortune 500 companies.
On July 6, 2026, a cybercriminal hacker with the handle “888” added a post titled “Accenture Data Breach” to a cybercrime forum claiming to have stolen 35 GB of data including source code, RSA keys, SSH keys, Azure Personal Access Tokens (PATs), Azure Storage access keys, configuration files, and other data. The hacker was offering the data for sale, requesting payment in the Monero digital currency. The post included a screenshot as proof of data theft.
While Accenture has confirmed that there was an intrusion, the company has not stated whether the attacker’s claims are genuine or provided any further information about the nature of the incident. This is not the first time the hacker has attempted to sell data stolen from Accenture, having listed data for sale that had been stolen in a third-party incident in 2024.
In that instance, the hacker claimed to be selling sensitive data, including the personally identifiable information of more than 30,000 employees, although Accenture said at the time that the hacker’s claims were vastly exaggerated, and only included the data of around three of its employees. The latest data theft claim may also have been exaggerated; however, if genuine, the highly sensitive nature of the stolen data will be a major cause of concern, potentially impacting the company’s clients and partners.
The post Accenture Confirms Intrusion After Hacker Claims 35GB Data Breach appeared first on The HIPAA Journal.
Drug and Alcohol Treatment Services Settles Data Breach Litigation
Drug and Alcohol Treatment Services, Inc., a Scranton, Pennsylvania-based provider of drug and alcohol addiction services, has agreed to settle class action litigation stemming from an October 2024 ransomware attack.
The attack resulted in the theft of the personal and protected health information of employees and patients. The HHS’ Office for Civil Rights was informed that 22,215 patients were affected. Data exposed or stolen in the incident included names, dates of birth, Social Security numbers, health insurance information, medical billing/claims information, patient account numbers, prescription/medication information, and diagnosis/treatment information.
Eight class action lawsuits were filed in response to the data breach, which were consolidated into a single complaint – Leo Woytach, et al v. Drug and Alcohol Treatment Services, Inc. – in the Court of Common Pleas of Lackawanna County, Pennsylvania. The consolidated lawsuit asserted claims for negligence, negligence per se, breach of contract, breach of implied contract, breach of fiduciary duty, breach of confidence, and unjust enrichment. The defendant denies all claims and contentions in the lawsuit and maintains there was no wrongdoing.
Following negotiations about a potential settlement and a full day of mediation, settlement terms were agreed upon that were acceptable to all parties. By settling, all parties avoid the costs, distraction, burden, and risks of a trial and related appeals. The defendant will establish a $549,000 settlement fund, from which attorneys’ fees and expenses, settlement administration/notification costs, and service awards for the eight class representatives will be paid. The remainder will be used to pay benefits to the class members.
The settlement covers individuals who were notified about the data breach and provides cash payments to individuals who submit a valid claim. Claims may be submitted for reimbursement of documented, unreimbursed losses due to the data breach up to a maximum of $5,000 per class member, or a claim may be submitted for a pro rata cash payment. The value of the cash payments will be determined by the number of valid claims received. In addition, class members qualify for a free 12-month membership to a medical data monitoring service.
The deadline for filing an objection and opting out of the settlement is August 25, 2026. Claims must be submitted by September 24, 2026, and the final fairness hearing has been scheduled for November 24, 2026.
June 9, 2025: Drug and Alcohol Treatment Services Facing Multiple Class Action Data Breach Lawsuits
A Pennsylvania non-profit provider of drug and alcohol addiction services is facing multiple class action lawsuits over an October 2024 ransomware attack. Drug and Alcohol Treatment Services, Inc. (DATS), based at 441 Wyoming Avenue in Scranton, PA, identified unauthorized access to its computer network on October 6, 2024. The forensic investigation confirmed that an unauthorized third party had access to the protected health information of 22,215 individuals between October 5 and October 6, 2024. Data compromised in the incident included patient names, dates of birth, medical histories, treatment information, health insurance information, medical claims information, billing information, Social Security numbers, and financial information.
The data breach was confirmed by DATS on December 5, 2024; however, notification letters were not sent to the affected individuals until May 2, 2025. DATS said it was unaware of any misuse of the stolen data at the time of issuing notification letters and offered the affected individual complimentary credit monitoring and identity theft protection services. The notification letters did not state the exact nature of the cyberattack; however, the Interlock ransomware group claimed responsibility for the attack and said 150 GB of data was stolen. The ransom was not paid, so the group published the stolen data on its data leak site. The group claims the leaked files include the personal data of employees and patients.
Currently, at least eight class action lawsuits have been filed against DATS over the data breach. The lawsuits make similar claims, including negligence for failing to protect its information technology systems and sensitive patient and employee data. The lawsuits claim the data breach could have been prevented if DATS had implemented reasonable security measures and adhered to industry-standard data security practices. The lawsuits also claim that DATS did not provide timely notifications to the affected individuals, who were informed that their sensitive data had been stolen seven months after the data breach. The lawsuits claim the notification delay deprived the plaintiffs and class members of the opportunity to take action to mitigate the harmful effects of the data breach. The lawsuits also assert claims of breach of confidence, breach of implied contract, breach of fiduciary duty, unjust enrichment, and invasion of privacy.
The lawsuits seek class certification, a jury trial, damages, attorneys’ fees, reimbursement of legal costs and expenses, and injunctive relief, including an order from the court compelling DATS to implement measures to improve security.
The post Drug and Alcohol Treatment Services Settles Data Breach Litigation appeared first on The HIPAA Journal.
ERMI; McLeod Physician Associates; Centers for Dialysis Care Announce Data Breaches – The HIPAA Journal
RepuGen Successfully Completes Annual HIPAA Compliance Audit, Rei – The National Law Review
ERMI; McLeod Physician Associates; Centers for Dialysis Care Announce Data Breaches
Data breaches have been announced by the Georgia-based medical equipment company ERMI, McLeod Physician Associates in South Carolina, and the Centers for Dialysis Care in Ohio. More than 101,000 individuals have been affected by these three incidents.
ERMI LLC, Georgia
ERMI LLC, A Georgia manufacturer of medical equipment for orthopedic patients, has experienced a significant data breach involving unauthorized access to systems containing the electronic protected health information of 74,074 patients. Unauthorized access to its systems was identified on or around August 14, 2025. Assisted by third-party cybersecurity experts, ERMI determined that certain systems had been accessed by an unauthorized third party between February 15, 2025, and August 14, 2025, during which time files containing patient information may have been viewed or acquired.
An extensive manual review of the affected data was completed on or around April 17, 2026, and confirmed that the exposed data included names in combination with one or more of the following: Social Security number, driver’s license number, veteran identification number, passport number, username and password, email address with password and security question, date of birth, date of death, taxpayer/employer identification number, financial account information, payment card information, medical information, and health insurance information. The affected individuals have been notified and informed about the steps that can be taken to reduce the risk of data misuse, and complimentary credit monitoring services have been offered to individuals whose Social Security numbers were impacted.
McLeod Physician Associates Li, South Carolina
McLeod Physician Associates li, a Florence, SC-based healthcare group practice, has recently reported a data breach to the HHS’ Office for Civil Rights involving unauthorized access to the protected health information of up to 19,553 patients. The affected patients started to be notified about the incident on June 4, 2026. According to the substitute breach notice on the McLeod Health website, on March 5, 2026, a suspicious file was found on a Dillon Family Medicine server that was in the process of being decommissioned. An investigation was launched, which determined that an unauthorized party had accessed the server between October 17 and October 18, 2025.
The investigation confirmed that the incident was limited to the single server, and no McLeod Health systems were involved, including the practice’s current electronic medical record system. The server was reviewed and found to contain patient information such as names, dates of birth, Social Security numbers, and information related to patient care, which may have included diagnoses, medications, test results, medical images, treatment information, and health insurance information.
Steps have been taken to prevent similar incidents in the future, and the practice will continue to implement and evaluate enhanced safeguards. McLeod Health has confirmed that the affected server has been decommissioned and is no longer in use.
Centers for Dialysis Care, Ohio
Centers for Dialysis Care in Shaker Heights, Ohio, has identified a data security incident that potentially involved unauthorized access to the protected health information of up to 8,000 individuals. Suspicious activity was identified within its computer network on or around March 20, 2026. Assisted by third-party cybersecurity experts, Centers for Dialysis Care confirmed on April 11, 2026, that there had been unauthorized access to its network, and files containing personal and protected health information had been accessed.
The personal and protected health information of current and former patients and employees was involved, including names, dates of birth, Social Security numbers, medical and health information, diagnostic and treatment information, health insurance information, and/or tax/financial information. Centers for Dialysis Care said additional security measures have been implemented to reduce the risk of similar incidents in the future.
The post ERMI; McLeod Physician Associates; Centers for Dialysis Care Announce Data Breaches appeared first on The HIPAA Journal.