Strauss Borrelli PLLC, a leading data breach law firm, is investigating ChristinaCare regarding its recent data breach. The ChristinaCare data breach involved sensitive personal information and protected health information belonging to an undetermined number of individuals.
ABOUT CHRISTINACARE:
ChristinaCare is a healthcare organization based in Delaware. Today, ChristinaCare provides a range of healthcare services to patients, including behavioral health care, oncology, heart and vascular care, primary care, surgical care, women’s healthcare, and more.2,4 Headquartered in Wilmington, Delaware, ChristinaCare employs over 10,000 individuals and includes a network of three hospitals.3,4
WHAT HAPPENED?
Recently, ChristinaCare announced that it had experienced a data breach in which sensitive personal identifiable information and protected health information in its care may have been compromised. According to the breach notice shared on its website, in April 2025, Oracle Health (formerly Cerner Corporation), a third-party electronic health records vendor used by ChristinaCare, informed ChristinaCare that an unauthorized third party gained access to older Cerner systems as early as January 22, 2025, and obtained certain data.1 As a result, Oracle Health launched an investigation to determine the nature of the incident.
Through its investigation, Oracle Health confirmed to ChristinaCare that sensitive personal information in Oracle Health/Cerner systems related to ChristinaCare patients may have been accessed and acquired by an unauthorized third party during the breach. As a result, ChristinaCare began a review of the data to determine what information had been impacted as well as identify the specific individuals affected. While the information impacted varies depending on the individual, the type of information potentially exposed includes:
- Name
- Social Security number
- Information related to patient medical records (medical record number, doctors, diagnoses, medicines, test results, images, care, treatment)
As a result of the breach, ChristinaCare posted notice of the breach on its website. Additionally, ChristinaCare will begin mailing data breach notification letters to impacted individuals. Based on the website breach notice, ChristinaCare is providing affected individuals with a list of the specific types of sensitive information impacted and 24 months of complimentary credit monitoring services. A link to the website breach notice is below.
If you believe you have been affected by the ChristinaCare breach:
We would like to speak with you about your rights and potential legal remedies in response to this data breach. Please fill out the form, below, or contact us at 872.263.1100 or sam@straussborrelli.com.
