AltaMed Data Breach – Learn About Your Legal Rights Featured
If you received a notice from AltaMed, your personal or medical information may have been exposed. Here’s what you need to know.
If you received a data breach notice from AltaMed Health Services, your personal and medical information may have been exposed — and you may have important legal rights.
A class action investigation is underway following a cybersecurity incident discovered in December 2025. This page explains what happened and what it may mean for you.
What Happened?
On December 14, 2025, AltaMed detected a cybersecurity incident that disrupted access to parts of its network. An investigation determined that an unauthorized party accessed internal systems and copied sensitive data.
AltaMed states that it secured its systems and engaged cybersecurity experts. However, notification letters were not sent to affected individuals until February 12, 2026 — approximately two months after the incident.
This delay may be significant, as it allowed time during which affected individuals may not have been aware of the need to monitor for fraud or identity theft.
What Information Was Involved?
The information exposed varies by individual but may include highly sensitive personal and medical data such as:
- Name
- Social Security number
- Date of birth
- Driver’s license or identification number
- Medical record number
- Medicare or Medicaid ID
- Health insurance information
- Dates of service and provider information
- Medical history, diagnoses, or treatment details
- Prescription information
- Payment and billing information
- Email, phone number, or login credentials
This type of information is commonly referred to as protected health information (PHI) and is considered especially sensitive.
Why This Matters
If you received a notice, it means your information may have been involved.
Even if there is currently no confirmed misuse, stolen personal and medical data can be used months or even years later. The two-month delay between the breach and notification may have increased the risk that this information could be misused before individuals were aware.
Medical identity theft can be especially serious, potentially affecting both financial accounts and healthcare records.
Not the First Incident
This is not the first time AltaMed has reported a data breach.
In 2025, AltaMed disclosed a separate incident involving unauthorized access to highly sensitive information, including Social Security numbers, medical records, diagnoses, prescription data, and financial information affecting thousands of individuals.
Multiple incidents within a short period may raise questions about whether sufficient data security measures were in place.
Who Is Affected?
AltaMed is one of the largest community health providers in California, serving nearly 300,000 patients annually across dozens of locations in Los Angeles and Orange Counties.
Many patients rely on AltaMed for essential healthcare services, making the protection of their personal and medical information especially important.
What You Can Do
If you received a notice, consider taking the following steps:
- Monitor your financial accounts and medical records
- Review your credit reports for unusual activity
- Consider placing a fraud alert or credit freeze
- Be cautious of phishing emails or suspicious communications
- Use strong passwords and enable two-factor authentication
Learn About Your Rights
If your information was involved, you may have legal rights related to how your data was handled and protected.
👉 Fill out the form on this page to learn more about your rights and whether you may be able to participate in the AltaMed data breach lawsuit. There is no obligation, and it only takes a minute to request more information.