.png)
Erlanger Health System Data Breach Lawsuit Investigation
Shamis & Gentile P.A., one of the nation's premier class action law firms specializing in data breach cases, is investigating the Erlanger Health data breach.
If you were affected by the data breach, your sensitive personally identifiable information may have been exposed, and you may be eligible for compensation.
About Erlanger Health
Erlanger Health is a non-profit, independent hospital and health care system based in Chattanooga, Tennessee. With a history dating back to 1889, Erlanger operates multiple hospitals and specialty clinics across southeastern Tennessee, north Georgia, north Alabama, and western North Carolina. The system is recognized as the region’s only Level I Trauma Center and serves as an academic teaching hospital affiliated with the University of Tennessee Health Science Center.
Erlanger Health includes several major facilities, such as Erlanger Baroness Hospital, Children’s Hospital at Erlanger, and Erlanger Western Carolina Hospital, among others. It employs over 6,300 people and treats more than a million patients annually, providing a wide range of medical services including trauma care, neonatal intensive care, and kidney transplants.
What Happened?
Erlanger Health recently announced a data breach that may have impacted thousands of patients. On February 19, 2025, Erlanger was notified by Nationwide Recovery Services, Inc. (NRS)—a third-party vendor used by Murphy Medical Center (now Erlanger Western Carolina Hospital)—about a security incident. NRS discovered suspicious activity in July 2024, which led to a network outage and an investigation.
It was determined that unauthorized access to NRS’s systems occurred between July 5 and July 11, 2024, and certain files and folders were copied.
After a thorough review, NRS confirmed that data belonging to Erlanger Western Carolina Hospital patients was involved.
Information exposed:
- Name
- Address
- Date of service
- Social security number (for a smaller number of individuals)
Not every affected person had all these data elements exposed, and there is no evidence so far of identity theft or fraud resulting from this incident. The breach was reported to law enforcement and regulators, and notification letters are being sent to those whose information was involved. According to the U.S. Department of Health and Human Services, 3,193 people in the United States were affected.
Your Rights and Next Steps
If you received a notification from Erlanger Health or NRS, it means your information may have been compromised in this breach. Even if you haven’t noticed any suspicious activity, your data could still be at risk. Here’s what you can do:
- Review any letters or emails you receive from Erlanger Health or NRS about the breach.
- Monitor your credit reports and bank accounts for unusual activity.
- Consider placing a fraud alert or credit freeze with major credit bureaus.
- Take advantage of any free credit monitoring or identity theft protection services offered.
- Keep records of any communication related to the breach.
You also have the right to seek legal advice and explore your options for compensation. Lawyers are ready to help you understand your rights and guide you through the process of joining a class action lawsuit if you qualify.
You May Be Entitled to Compensation
If your personal information was exposed in the Erlanger Health data breach, you may be entitled to compensation for damages such as time spent monitoring your accounts, out-of-pocket expenses, and the risk of identity theft. Lawyers are ready to help you take action and protect your rights.
To find out if you qualify and to join the lawsuit, complete the below form.
.svg)