Allegheny Health Network 2025 Data Breach

Allegheny Health Network Integrated Health System Breach (2025): 194K Contact Records Exposed | ObscureIQ
ObscureIQ Breach Intelligence

Classification Tags

Unknown (IntraSystems vendor compromise)Social EngineeringMedicalEmail AddressFull NamePhone Number
High SeverityWebsite / service breach

Allegheny Health Network Integrated Health System Breach (2025): 194K Contact Records Exposed

Integrated healthcare delivery system.

Verified by ObscureIQ Intelligence
67/100Breach Risk Index
25Data Value
40Market Recency
327dSince Breach

Breach Intelligence Summary

Entity: Allegheny Health Network · Actor: Unknown (IntraSystems vendor compromise) · Sources: 2 references
Attack: Social Engineering
Profile: Healthcare provider · Hospital and clinical services · Integrated health system · USA
Timeline: Breach (2025-01-16) · Indexed (Jun 04, 2025) · Year (2025)
Exposure: 194K records · 3 fields: Email Address, Full Name, Phone Number
Status: Reported

Executive Summary

Allegheny Health Network Home Medical Equipment (AHNHME) publicly announced a data breach in April 2025, following a related disclosure earlier the same year covering the broader Allegheny Health Network home-care patient population. The underlying intrusion occurred at IntraSystems LLC, a third-party IT vendor managing servers for AHN's Home Medical Equipment and Home Infusion subsidiaries. Unauthorized access to those systems took place between October 11 and November 19, 2024 and was discovered on November 19, 2024.\n\nThe AHNHME-specific dataset indexed by breach-tracking services covered approximately 194,000 records. Compromised fields in the publicly indexed subset included names, email addresses, and phone numbers. The broader IntraSystems incident affecting AHN home-care patients more generally was disclosed to the Massachusetts Attorney General as compromising names, dates of birth, addresses, Social Security numbers, financial account numbers, and health insurance information for approximately 293,900 patients. AHN began notifying affected individuals on January 17, 2025 with respect to the broader IntraSystems disclosure, with AHNHME-specific notification continuing through the spring of 2025.\n\nFor affected patients, the practical risk depends on which records were involved. Patients in the AHNHME-specific publicly indexed subset face primarily phishing-and-impersonation risk from the name, email, and phone exposure. Patients in the broader IntraSystems disclosure face more severe identity-fraud and financial-fraud risk because of the Social Security number, date of birth, and financial account number exposure. Affected individuals should freeze credit at all three U.S. bureaus, monitor health-insurance and financial statements closely, and treat unsolicited contact referencing AHN, home medical equipment, or related services with caution.

ObscureIQ assessment: Severe risk. Exposure enables identity theft, medical fraud, insurance abuse, and targeted scams exploiting care relationships or treatment status.

Breach Impact

The institutional impact on AHN is substantial because the underlying IntraSystems incident affected a large share of AHN's home-care patient base. Federal HIPAA notification obligations, an Office for Civil Rights review, multistate attorney-general filings, and class-action litigation are all underway. The vendor-pathway nature of the breach raises broader supply-chain governance questions for AHN's procurement and security functions. The Highmark Health parent enterprise has had to manage reputational fallout across its insurance and healthcare delivery operations. AHN has stated that the breach was limited to specific patient records rather than the entire health system database, which has helped contain the scope of disclosure obligations.

About Allegheny Health Network

Allegheny Health Network (AHN) is an integrated healthcare delivery system based in Pittsburgh, Pennsylvania, serving patients across Western Pennsylvania, Western New York, and parts of Ohio. AHN operates fourteen hospitals along with a wide network of outpatient facilities, primary care offices, and specialty practices, and is part of the Highmark Health enterprise. The breached subsidiary, AHN Home Medical Equipment (AHNHME, ahnhme.org), provides in-home medical supplies and support services across the AHN service area, including durable medical equipment, oxygen, respiratory therapy, and home infusion. As a HIPAA-regulated healthcare operator, AHN maintains substantial volumes of protected health information across hospital, clinic, and home-care operations.

Why They Hold Your Data

Integrated health systems collect patient identity, contact, insurance, billing, appointment, and clinical records across hospitals, clinics, and administrative operations.

Recent Developments

AHN began notifying patients about a related broader incident in January 2025, when its third-party IT vendor IntraSystems LLC was found to have suffered unauthorized access between October 11 and November 19, 2024 affecting roughly 293,900 home medical equipment and home infusion patients. AHNHME then issued an additional notification round in April 2025 covering the AHNHME-specific subset of records. The Pennsylvania-based health system has continued to operate normally and has implemented additional vendor-management controls. Class-action investigations by U.S. plaintiff law firms began organizing in early 2025 following the initial IntraSystems disclosure.

Data Points Exposed

3 verified field types
Email Address
Full Name High
Phone Number

Field names are shown in full for clarity and search visibility. Canonical machine keys are emitted only in this page’s structured data.

Exploitation & Downstream Threats

Threat Activity:Moderate
Primary downstream threats:
  • SIM swap attacks where phone numbers are present
  • Targeted phishing campaigns using exposed email addresses
Threat vectors:
  • Phishing, credential stuffing & account takeover
  • Name-based social engineering
  • SIM swapping, vishing & SMS phishing

Threat Actor: Unknown (IntraSystems vendor compromise)

Unknown (IntraSystems vendor compromise)
Social Engineering

Attribution and method are based on available breach intelligence. Reported attack vector: Social Engineering.

Recommended Actions

If you believe your information may be included:

Enable MFA Everywhere
Turn on multi-factor authentication on email first, then financial accounts.
Find 2FA settings
Report & Recover
If you spot misuse, start an official recovery plan and report fraud.
IdentityTheft.govReport to FTC

Frequently Asked Questions

What happened in the Allegheny Health Network breach?

Allegheny Health Network Home Medical Equipment (AHNHME) publicly announced a data breach in April 2025, following a related disclosure earlier the same year covering the broader Allegheny Health Network home-care patient population. The underlying intrusion occurred at IntraSystems LLC, a…

What data was exposed?

Verified fields include Email Address, Full Name, Phone Number.

What should I do if I was affected?

Change reused passwords, enable MFA, and (if identity or financial data is involved) freeze your credit and monitor your accounts.

Sources & References

Every claim on this page is traceable. This breach draws on:

Breach Index
DataBreach.com
Record & field corroboration
ObscureIQ Intelligence
ObscureIQ proprietary analysis
Risk Index scoring & downstream-threat assessment

Protect Yourself

Check If You're Affected

Enter your email to check whether your data appears in this breach. We’ll send a 6-digit code to confirm it’s your address.

Get Free Breach Alerts

Be the first to know when new breaches are disclosed. Free forever — confirm your email with a 6-digit code.

High-Risk? Get an Exposure Audit

Executives, public figures, and high-visibility operators can receive tailored exposure intelligence and hardening guidance.

Request Consultation