University of Iowa Community HomeCare Data Breach Impacts 211,000 Patients

Injured?
When patients entrust their health and personal information to medical providers, they expect that data to remain safe.
Unfortunately, a recent data incident at University of Iowa Community HomeCare, an affiliate of University of Iowa Health Care, shows just how vulnerable healthcare systems can be to cyberattacks.
When any business, organization, or healthcare provider requires your private information, they owe you a duty to protect it. If inadequate security measures put your data at risk or if you’ve already experienced fraud after a data breach, contact Morgan & Morgan for a free case evaluation to learn more about your legal options. You may be entitled to compensation.
What Happened With the University of Iowa Community HomeCare Data Breach?
On July 3, 2025, UI Community HomeCare discovered that an unauthorized individual had gained access to its computer system. In response, the organization immediately shut down its servers and brought in cybersecurity experts to investigate the breach. Thankfully, they were able to restore systems within one business day.
While University of Iowa Health Care and UI Community HomeCare operate separate systems, their shared relationship has historically involved sharing patients, employees, and data files. That overlap created an entry point for the cybercriminal, who was able to view and copy files containing sensitive information.
Who Is Affected?
After a thorough investigation, UI Community HomeCare confirmed that approximately 211,000 individuals had their data exposed. Written notifications were mailed on August 29, 2025, and substitute notices were posted online for those who may not have received a letter.
The compromised files contained information such as:
- Names
- Dates of birth
- Medical record numbers
- Providers
- Type of visit
- Insurance information
- Date of service
While no evidence suggests the data has been misused so far, this type of information could be valuable to identity thieves and fraudsters.
What UI Health Care Says
In letters to affected individuals, UI Health Care emphasized that its own electronic health record system was not impacted by the breach. The organization expressed regret, stating that patient trust and data protection remain top priorities.
Patients have been urged to stay vigilant by:
- Reviewing account statements for unusual activity
- Monitoring free annual credit reports
- Reporting any suspicious activity immediately
UI Community HomeCare has also set up a dedicated call center for questions about the breach.
Why Healthcare Data Breaches Are So Dangerous
Healthcare data breaches are especially serious because they often involve more than just financial details. Medical information can be used in medical identity theft, where someone uses another person’s identity to obtain care, prescriptions, or even file false insurance claims. Unlike a stolen credit card, which can be canceled quickly, compromised medical data is often harder to secure and can follow patients for years.
What You Can Do if You Were Affected
If you received a notification from UI Health Care or suspect your information may have been included in the breach, you should:
- Monitor financial and insurance accounts for unusual charges.
- Request free credit reports and check them regularly.
- Place a fraud alert or credit freeze if you suspect misuse of your data.
- Keep all correspondence from UI Community HomeCare for your records.
Can You Take Legal Action?
Data breach victims may be entitled to compensation for damages such as time spent monitoring accounts, costs of credit protection, and the emotional distress of having their sensitive information exposed.
At Morgan & Morgan, we have a proven track record of holding organizations accountable when they fail to protect the personal information entrusted to them. If you were impacted by the UI Community HomeCare data breach, you may have legal options.
Contact Morgan & Morgan
Our attorneys are actively reviewing cases related to healthcare data breaches nationwide. The consultation is always free, and you pay nothing unless we win.
If you were affected by the University of Iowa Community HomeCare data breach, don’t wait—contact Morgan & Morgan today to learn more about your rights and how we can help.
Injured? Getting the compensation you deserve starts here.

Injured?
Not sure what to do next?
We'll guide you through everything you need to know.