Covenant Care California Data Breach Investigation
Strauss Borrelli PLLC, a leading data breach law firm, is investigating Covenant Care California, LLC (“Covenant Care”) regarding its recent data breach. The Covenant Care data breach may have involved sensitive personal identifiable information and protected health information belonging to an undetermined number of individuals.
ABOUT COVENANT CARE CALIFORNIA, LLC:
Covenant Care is a healthcare system based in California. Founded in 1994, Covenant Care owns and operates skilled nursing facilities and home health agencies throughout California and Nevada.1 Additionally, Covenant Care previously provided rehabilitation services through a company called AFFIRMA, and currently provides home healthcare services under the names Focus Health, Elevate Home Health, Choice Home Health Care, and San Diego Home Health.1 Today, Covenant Care has grown to include over 8,000 healthcare professionals in over 30 healthcare and rehabilitation centers, and cares for over 4,000 residents and patients in its facilities.3 Covenant Care is headquartered in Aliso Viejo, California.
WHAT HAPPENED?
Recently, Covenant Care announced that it had experienced a data breach in which the sensitive personal identifiable information and protected health information in its systems may have been accessed and acquired. According to the breach notice, on or about November 14, 2023, Covenant Care identified suspicious activity related to certain systems within its computer network. As a result, Covenant Care launched an investigation to determine the nature of the incident.
Through its investigation, Covenant Care learned that sensitive personal information in its systems may have been viewed and copied by an unauthorized third-party between November 12 and November 14, 2023. As a result, Covenant Care began a review of the data to determine what information had been impacted as well as identify the specific individuals affected. On August 9, 2024, Covenant Care completed this review. While the information impacted varies depending on the individual, the type of information potentially exposed includes:
- Name
- Social Security number
- Date of birth
- Driver’s license or state/federal identification number
- Financial account information
- Credit or debit card information
- Medical information (e.g., diagnosis or treatment information, claims and billing information)
As a result of the data breach, Covenant Care posted a notice of the incident on its website. Additionally, on August 29, 2024, Covenant Care mailed data breach notification letters to impacted individuals. Based on the breach notice on its website, Covenant Care is providing affected individuals with a list of the specific type of sensitive information impacted and complimentary credit monitoring services. A link to the form breach notification that Covenant Care posted to its website is below.
If you received a breach notification letter from Covenant Care California, LLC:
We would like to speak with you about your rights and potential legal remedies in response to this data breach. Please fill out the form, below, or contact us at 872.263.1100 or sam@straussborrelli.com.
