BIRMINGHAM, ALABAMA / ACCESS Newswire / October 8, 2025 / Methodist Homes of Alabama and Northwest Florida ("Methodist Homes") is writing regarding a data security incident that may have involved the personal information and/or personal health information of certain Methodist Homes patients and employees. Methodist Homes was unable to locate all the addresses of the individuals whose data may have been involved. As a result, Methodist Homes is making this public notice to inform all individuals whose data potentially was involved. This notice provides information about the incident and steps you can take for added protection to your information.

On October 14, 2024, Methodist Homes discovered suspicious network activity. Upon discovery, Methodist Homes took immediate action to secure its systems, which included engaging independent cybersecurity specialists to investigate the incident. As part of the investigation, Methodist Homes learned that certain data may have been accessed or acquired by an unauthorized actor between October 2, 2024 and October 14, 2024. As a result, Methodist Homes underwent a comprehensive data review process to determine what information was involved and to whom that information belonged. On September 2, 2025, Methodist Homes determined that certain individual's personal information and/or personal health information was included in the data set involved. Soon after, Methodist Homes determined that they lacked contact information for some individuals, which necessitated this public notice.

The types of information that may have been contained within the involved data varies by individual. For residents and patients, protected health information involved first and last name, in combination with one or more of the following data element(s): Social Security number, driver license or state ID number, health insurance numbers, and clinical information, including medical record number (MRN), medical history, diagnosis and treatment, patient numbers, Medicaid/Medicaid numbers, dates of discharge, and date of birth.

For those individuals who were not patients or residents, personal information involved first and last name, in combination with one or more of the following data element(s): Social Security number, driver license or state ID, health insurance numbers, and medical history information.

Methodist Homes takes this incident seriously and has involved additional measures to prevent future occurrences. Upon learning of the incident, Methodist Homes took immediate steps to address it, including securing its systems and taking some of the network offline. Law enforcement was also notified. Additionally, individuals involved were notified of the incident by mail on October 3, 2025, and notice has been submitted to the Department of Health and Human Services at the Office for Civil Rights and state regulatory authorities.

Methodist Homes offered credit monitoring services to those individuals whose Social Security numbers were involved at no cost to individuals through CyberScout, a TransUnion company. Should individuals have any questions or concerns, Methodist Homes has established a toll-free call center to answer questions about the incident and to address related concerns. The call center can be reached at 1-833-833-7220.

The privacy and protection of personal information is a top priority for Methodist Homes.

Contact Information

Jacqueline Lien
Associate
jacqueline.lien@kennedyslaw.com
415-323-4493

SOURCE: Kennedys CMK LLP