Data breach at Alternate Solutions impacts over 90,000

The health provider recently notified the Department of Health and Human Services (HHS) of a data breach. 

What happened

On April 14th, Alternate Solutions Health Network notified the HHS’ Office of Civil Rights about a breach impacting 93,589 individuals. The attack vector was described as occurring through the provider’s email in a hacking incident involving IT. 

Alternate Solutions posted a notice on their website with additional details. The notice stated that the information involved varied by person, but included names alongside one of the following: date of birth, address, driver’s license number, physician and clinician names, clinical information, diagnostic information, and treatment information. Some individuals also had their Social Security numbers impacted. 

Going deeper

Alternate Solutions provides home health and hospice care solutions by partnering with other hospitals and institutions to help patients return home and still receive the care they need. 

According to the data breach notice the company posted on its website, Alternate Solutions experienced a data breach on or around May 30th, 2024. They did not state when the company discovered the breach, but said that once they did, they immediately began an investigation. 

The investigation concluded on February 14th, 2025, and determined that some information had been compromised through email. 

What was said

Alternate Solutions said, “The security and privacy of the information contained within our systems is a top priority for us.” After discovering the breach, the company stated that it immediately took steps “to secure our email systems and engaged third-party forensic experts to assist in the investigation.” 

The big picture

Data breaches through email are common and can be caused by a variety of reasons, like poor security policies, human error, lack of training, or email interception. When it comes to protected health information, organizations need to stay one step ahead by using software that prevents attack attempts and accounts for potential human error. 

FAQs

How can organizations prevent email breaches? 

Data breaches through email are best prevented through security software that flags and quarantines emails that may be malicious. Programs like Paubox also automatically encrypt messages, which ensures that they will not be intercepted by malicious actors. 

What should individuals do if a breach impacts them? 

Individuals who the breach has impacted will be notified by Alternate Solutions as early as April 14th. Alternate Solutions has also offered a help line and encourages individuals to be vigilant by reviewing account statements, explaining benefits, and monitoring credit reports.