Erlanger Health Affected by NRS Data Breach: 3,193 Patients Impacted

In early 2025, Erlanger Health disclosed a data breach that affected 3,193 individuals in the United States. The incident stemmed from a third-party vendor, Nationwide Recovery Services, Inc. (NRS), which had been used by Murphy Medical Center (now Erlanger Western Carolina Hospital) for collection activities between 2009 and 2019. According to the official disclosure, NRS detected suspicious activity on its systems in July 2024, resulting in a network outage. An investigation revealed that between July 5 and July 11, 2024, unauthorized individuals accessed the NRS network and copied certain files and folders.

The review of compromised files, completed around February 3, 2025, confirmed that some contained information related to Erlanger Western Carolina Hospital patients. The exposed information included names, addresses, dates of service, and Social Security numbers.

Erlanger Health reported the breach to the U.S. Department of Health and Human Services on April 10, 2025. You can view the official breach report on the HHS breach portal. For further details, the company’s own notice is available on the Erlanger Health data breach notification page.

Erlanger Health's response

After being notified by NRS of the breach on February 19, 2025, Erlanger Health took several steps to address the situation. NRS promptly secured its environment, launched an investigation, and reviewed its security policies and measures to prevent similar incidents in the future. Law enforcement and regulatory authorities were notified about the breach.

Erlanger Health has stated there is no evidence of identity theft or fraud resulting from this incident as of this writing. However, out of an abundance of caution, the company has begun notifying potentially affected individuals directly. Importantly, only patients of Erlanger Western Carolina Hospital who had collection actions pursued against them by NRS are likely to be impacted.

If you receive a notification or believe you may be affected, consider taking the following steps:

• Monitor your credit reports for any unauthorized activity.
• Watch for suspicious communications or attempts to use your personal information.
• Contact the dedicated toll-free number, 1-888-484-4962, established by Erlanger Health for questions related to this incident.

For most patients, unless you were specifically involved in collection activities with Murphy Medical Center/Erlanger Western Carolina Hospital during the relevant period, you are unlikely to be affected.

For more details about the organization, visit the Erlanger Health website.