Subscribe To Our Newsletter

This field is for validation purposes and should be left unchanged.

Erlanger Health Data Breach

Erlanger Health disclosed a data privacy incident affecting certain Erlanger Western Carolina patients who received anesthesia services. The incident involved patient information being shared with a billing partner associated with another anesthesia group. Potentially exposed information includes names, dates of birth, medical record numbers, insurance details, and limited surgical information. Erlanger stated that Social Security numbers were not involved and that no misuse of the information has been identified.

Erlanger Health
Date of Breach: May 13, 2026
CAU logo

Who was affected:

Clients of Erlanger Health

Impacted Data:

Patient name

Date of birth

Medical record number

Mailing address

Email address

Telephone number

Internal hospital account number

Insurance information

Guarantor name

Guarantor address

Guarantor telephone number

Erlanger Health has announced a data privacy incident involving protected health information (PHI) belonging to certain Erlanger Western Carolina patients who received anesthesia services. The incident involved patient information being sent to a billing partner used by an anesthesia group serving Erlanger Tennessee campuses. Erlanger states that it has secured its systems, investigated the matter, and has no evidence that the information was improperly used.

Erlanger Health Data Breach Investigation

On May 13, 2026, Erlanger Health discovered that protected health information belonging to some Erlanger Western Carolina patients may have been compromised. The investigation determined that information belonging to Erlanger Western Carolina patients who received anesthesia care was included in data sent to a billing partner used by an anesthesia group that provides services for Erlanger Tennessee campuses.

The anesthesia services provided at Erlanger Western Carolina are handled by a separate anesthesia group. The information was reportedly transmitted between July 1, 2025, and May 27, 2026.

Erlanger stated that it immediately took steps to secure the information and launched an investigation into the incident. The organization also reported the event to regulators and began notifying individuals whose information may have been affected.

While Erlanger has not identified evidence that the information has been misused, healthcare data breaches can create risks because medical information and identifying details may be valuable to criminals attempting identity theft, fraud, or targeted phishing campaigns.

When Did the Erlanger Data Breach Occur?

The potentially affected information was sent between July 1, 2025, and May 27, 2026. Erlanger discovered the issue on May 13, 2026, and began investigating the scope of the incident.

What Information Was Exposed?

The information potentially involved may include:

  • Patient name
  • Date of birth
  • Medical record number
  • Mailing address
  • Email address
  • Telephone number
  • Internal hospital account number
  • Insurance information
  • Guarantor name
  • Guarantor address
  • Guarantor telephone number
  • Date of service
  • Limited medical information related to surgical care, including operative notes

Erlanger stated that Social Security numbers were not involved in the incident.

The organization also noted that not every affected individual had the same information exposed, and not all listed categories of information applied to every patient.

What You Can Do

If you received anesthesia care at Erlanger Western Carolina between July 1, 2025, and May 27, 2026, you may have been affected by this incident. Consider taking the following steps to protect your personal and medical information:

  • Review medical bills, insurance statements, and explanations of benefits for unfamiliar services or charges.
  • Monitor financial accounts for suspicious activity.
  • Be cautious of emails, calls, or messages requesting personal or medical information.
  • Keep copies of any breach notification letters or communications from Erlanger.
  • Contact your healthcare provider or insurer if you identify inaccurate medical information or suspicious activity.

Although Erlanger has stated that it has no evidence of improper use of the affected information, medical data can remain sensitive for years. Staying informed and monitoring your accounts can help identify potential problems early.

If you believe your information was involved in the Erlanger Health data breach, you may have legal options. Fill out the form on this page to learn whether you may qualify for a claim and connect with legal professionals who can evaluate your situation.

File a Data Breach Lawsuit Against Erlanger Health

Healthcare providers have a responsibility to protect patient information entrusted to them. When sensitive medical information is exposed due to a data security incident, affected individuals may have rights depending on the circumstances surrounding the event.

Patients impacted by the Erlanger Health data breach may be able to seek compensation for damages related to privacy violations, time spent responding to the incident, expenses associated with protecting their identity, and other potential losses.

Don’t stand alone after a data breach. Joining together with others affected by the same incident can help consumers understand their rights and explore available legal options.

Contact us at Class Action U, where we’ll connect you with a lawyer skilled in class action lawsuits. If you’ve been contacted about this breach, received notice, or discovered you were impacted, fill out our quick, easy, and secure form to sign up. There is no cost to reach out to our legal partner and no obligation after speaking with someone from our team.

Subscribe To Our Newsletter

New cases and investigations, settlement deadlines, and news straight to your inbox.

This field is for validation purposes and should be left unchanged.
Other Data Breaches
Date of Breach: June 5, 2026
Date of Breach: July 2, 2026
Date of Breach: Not Specified

Frequently Asked Questions

A data breach occurs when sensitive, confidential, or protected information is accessed, stolen, or disclosed without authorization. Data breaches often occur through phishing emails, malware, weak passwords, insider threats, or unsecured databases. Indicators of a data breach can include unexpected password resets, suspicious account activity, unauthorized transactions, or notifications from companies about compromised information.If you suspect your data has been compromised, you must take measures and act quickly. Change passwords, enable two-factor authentication, review your financial accounts for unusual activity and consider freezing your credit.

Once stolen, your personal information may be sold on the dark web or used for identity theft and financial fraud. In some cases, hackers use the data to extort companies or launch further attacks. Victims often face long-term risks, including damage to credit and privacy.

If you receive a data breach notification, don’t ignore it. Immediately change passwords for the affected account and any others that share credentials. Enroll in any free credit monitoring services offered and monitor financial statements closely.

To pursue a data breach claim, you’ll need documentation showing your information was compromised and proof of resulting harm, such as fraudulent charges, credit score damage, or identity theft reports. Notification letters, financial records, and communication with the breached company can help support your claim.

Yes. If a company fails to protect consumer data or delays notifying victims, it may be held liable under state and federal privacy laws. Many victims join class action lawsuits to recover financial losses and hold negligent organizations accountable.

Data breach settlements vary widely depending on the size of the breach, type of data compromised, and damages suffered by victims. Payouts may include cash compensation, identity theft protection, or reimbursement for losses. Many settlements range from a few hundred to several thousand dollars per person. A skilled data breach lawyer can guide victims through the complex legal process, ensuring their rights are protected. If you’ve received a data breach notification or believe your personal data was exposed, you may be eligible for compensation. Contact Class Action U to learn more about how to join a data breach lawsuit and understand the process of filing.