Davies, McFarland & Carroll; Awakenings Center Data Breaches Impact 72,500 Individuals
Data breaches have been announced by the medical malpractice law firm Davies, McFarland & Carroll, the sex therapy and couples counseling provider Awakenings Center, and the Maryland healthcare provider, Adventist HealthCare.
Davies, McFarland & Carroll, Pennsylvania
Davies, McFarland & Carroll LLC, a Pittsburgh, PA-based law firm specializing in medical malpractice, has experienced a significant data breach involving unauthorized access to the sensitive information of 54,712 individuals.
Davies, McFarland & Carroll is a business associate of HIPAA-covered entities and is provided with access to protected health information to provide its legal services. On or around May 22, 2025, a network intrusion was detected. External cybersecurity experts were engaged to investigate the incident and confirmed that an unauthorized third party had access to its network from May 19, 2025, to May 22, 2025, during which time files containing sensitive data were either viewed or acquired.
The forensic investigation and file review concluded on September 25, 2025, when it was confirmed that sensitive data had been exposed. There is currently no substitute breach notice on the Davies, McFarland & Carroll website, and the notification letter to the Maine Attorney General has the types of exposed data redacted. Individuals started to be notified about the breach on November 24, 2025, and their notification letters state the exact types of information involved. As a precaution against data misuse, the affected individuals have been offered complimentary single-bureau credit monitoring, credit report, and credit score services through Cyberscout for 12 months.
Get The FREE
HIPAA Compliance Checklist
Immediate Delivery of Checklist Link To Your Email Address
Please Enter Correct Email Address
Your Privacy Respected
HIPAA Journal Privacy Policy
Loving and Living Center (Awakenings Center), North Carolina
Loving and Living Center, PC dba Awakenings Center, a North Carolina-based provider of couples, sex therapy, and individual counseling, has discovered unauthorized access to its electronic medical record system. The unauthorized access was detected on or around September 10, 2025, and the forensic investigation and data review confirmed that up to 17,800 patients may have been affected.
Awakenings Center said the affected individuals had the following data elements exposed: name, age, date of birth, gender, relationship status, employment status, city, and zip code. No financial information was involved. Awakenings Center said it takes privacy and security very seriously and has taken steps to remedy the incident and improve security to prevent similar incidents in the future.
Adventist HealthCare, Maryland
Adventist HealthCare, a non-profit healthcare provider based in Gaithersburg, Maryland, has recently reported a data breach to the HHS’ Office for Civil Rights that involved the protected health information of up to 1,300 patients. On or around November 13, 2025, Adventist HealthCare determined that paper records containing patient data had been lost. The documents contained patient names, health records, and treatment information. Few details have been released so far about the nature of the incident. This post will be updated when further information is released.
