Brown Health Medical Group-MA, legally known as Lifespan Physicians Group of Massachusetts Inc., disclosed a data breach involving sensitive personal and health information. The healthcare organization, formerly affiliated with the Lifespan health system before its rebranding to Brown University Health in 2024, reported that the incident affected individuals whose information was maintained within its systems.
According to the Vermont Attorney General security breach notice portal, the Brown Health Medical Group data breach affected 86 Vermont residents. The breach involved sensitive information, including Social Security numbers, financial account information, government identification numbers, and health records.
Brown Health Medical Group Data Breach Investigation
Brown Health Medical Group-MA reported a data security incident involving the exposure of sensitive personal and protected health information.
The breach was disclosed to the Vermont Attorney General on July 16, 2026. Publicly available information regarding the cause of the incident, the timeline of unauthorized access, and the company’s investigation remains limited.
Because Brown Health Medical Group provides healthcare services, the organization maintains highly sensitive information belonging to patients and individuals connected with its healthcare network. Medical information and personal identifiers can create significant risks if exposed, including identity theft, medical identity theft, financial fraud, and targeted phishing attempts.
At this time, details regarding how the breach occurred, when Brown Health Medical Group discovered the incident, and whether unauthorized individuals accessed specific records have not been publicly released.
When Did the Brown Health Medical Group Data Breach Occur?
The Brown Health Medical Group data breach was reported to the Vermont Attorney General on July 16, 2026.
The available public filing does not currently disclose when the incident occurred, when unauthorized access was discovered, or how long affected information may have been exposed.
Additional details may become available if Brown Health Medical Group provides further notification to affected individuals.
What Information Was Exposed?
The Brown Health Medical Group data breach reportedly exposed several categories of sensitive information, including:
- Social Security numbers
- Financial account codes
- Credit and debit account information
- Government identification numbers
- Health records
The combination of medical information and personal identifiers can increase the risk of identity theft and other forms of misuse.
Individuals affected by healthcare data breaches may face risks including:
- Medical identity theft
- Fraudulent use of personal information
- Unauthorized financial activity
- Phishing or scam attempts targeting healthcare information
What You Can Do
If you are a current or former Brown Health Medical Group patient or otherwise believe your information may have been affected, consider taking the following steps:
- Monitor your accounts: Review financial accounts, medical statements, and insurance records for suspicious activity.
- Review credit reports: Check your credit reports for unfamiliar accounts, inquiries, or changes.
- Consider a fraud alert or credit freeze: These protections may help reduce the risk of identity theft involving exposed personal information.
- Watch for phishing attempts: Be cautious of emails, calls, or messages requesting personal information or account details.
- Save breach-related communications: Keep any letters, emails, or notices received from Brown Health Medical Group.
- Monitor healthcare records: Review explanations of benefits and medical records for unfamiliar services or treatments.
Affected individuals should watch for direct communications from Brown Health Medical Group regarding the incident, including information about available protections or resources.
File a Data Breach Lawsuit Against Brown Health Medical Group
Healthcare organizations have a responsibility to protect the sensitive personal and medical information entrusted to them. When a data breach occurs, affected individuals may face privacy concerns, increased risk of identity theft, and time spent addressing potential consequences.
If your information was exposed in the Brown Health Medical Group data breach, you may have legal options. A class action lawsuit may help affected individuals seek compensation for damages related to privacy violations, identity theft risks, financial losses, and other harms connected to the incident.
Contact Class Action U to learn whether you may qualify for a potential data breach claim. If you received notice about the Brown Health Medical Group data breach or believe your information may have been affected, complete our secure form to connect with a legal partner. There is no cost and no obligation to explore your options.