Strauss Borrelli PLLC, a leading data breach law firm, is investigating Sharp HealthCare (“Sharp”) regarding its recent data breach. The Sharp data breach involved sensitive personal information and protected health information belonging to an undetermined number of individuals.
ABOUT SHARP HEALTHCARE:
Sharp is a not-for-profit health care system based in California. Founded in 1946, Sharp has four acute care hospitals, three specialty hospitals, three medical groups and a health plan.2 Today, Sharp provides medical services in multiple fields of medicine, including primary care, heart care, cancer, orthopedics, stroke/neurology, women’s health, rehabilitation, robotic surgery, bariatric surgery, chemical dependency and behavioral health.2 Headquartered in San Diego, California, Sharp employs over 20,000 individuals.
WHAT HAPPENED?
Recently, Sharp reported to the Attorney General of California that its third party vendor, Episource, LLC, had experienced a data breach in which sensitive personal identifiable information and protected health information in its care may have been compromised.1 According to the breach notice, on February 6, 2025, Episource found unusual activity in its computer systems.1 As a result, Episource launched an investigation to determine the nature of the incident.
Through its investigation, Episource confirmed that sensitive personal information in its systems belonging to Sharp patients may have been accessed and copied by an unauthorized third party between January 27, 2025, and February 6, 2025. As a result, Episource began a review of the data to determine what information had been impacted as well as identify the specific individuals affected. While the information impacted varies depending on the individual, the type of information potentially exposed includes:
- Name
- Address
- Date of birth
- Phone number and email address
- Driver’s license or state ID number
- Health data (e.g., medical record numbers, doctors, diagnoses, medicines, test results, images, care, and treatment)
- Health insurance information (e.g., health plans/policies, insurance companies, member/group ID numbers, and Medicaid-Medicare-government payor ID numbers)
As a result of the data breach, on June 6, 2025, Sharp and Episource began mailing data breach notification letters to impacted individuals. Based on the breach notice sent to California residents, Sharp is providing affected individuals with a list of the specific types of sensitive information impacted and complimentary credit monitoring services. A link to the form breach notification letters that Sharp filed with the Attorney General of California is below.
If you received a breach notification letter from Sharp HealthCare or Episource, LLC:
We would like to speak with you about your rights and potential legal remedies in response to this data breach. Please fill out the form, below, or contact us at 872.263.1100 or sam@straussborrelli.com.
