Data Breaches Reported by Centerwell & Lakeside Pediatrics & Adolescent Medicine
Centerwell, a provider of senior healthcare services in 30 U.S. states, has experienced a cyberattack and data breach. Lakeside Pediatric & Adolescent Medicine has recently notified individuals affected by an October 2024 data breach.
Centerwell
Centerwell, a Louisville, Kentucky-based provider of healthcare services to seniors, has recently reported a data breach to the Texas Attorney General that involved unauthorized access to patient information.
The scale of the breach is currently unclear, other than the personal and protected health information of 4,618 Texas residents was compromised in the incident. The breach could be substantially larger, as Centerwell provides senior healthcare services in 30 U.S. states. The Texas Attorney General was informed on March 6, 2026, that data compromised in the incident includes names, addresses, dates of birth, and medical information. At the time of writing, the affected individuals have not been informed by mail, and no known threat group has publicly claimed responsibility for the incident.
While there is currently no substitute breach notice on the Centerwell website, the company has reported the data breach to the HHS’ Office for Civil Rights as affecting 9,561 individuals.
Get The FREE
HIPAA Compliance Checklist
Immediate Delivery of Checklist Link To Your Email Address
Please Enter Correct Email Address
Your Privacy Respected
HIPAA Journal Privacy Policy
Lakeside Pediatrics & Adolescent Medicine
Lakeside Pediatrics & Adolescent Medicine (Lakeside), a Coeur d’Alene, Idaho-based healthcare provider, has started notifying patients about an October 2024 data security incident. Lakeside identified unauthorized access to its computer systems in late 2024. The forensic investigation confirmed that an unauthorized third party accessed its computer systems on November 1, 2024, and on December 15, 2024, Lakeside confirmed that there had been unauthorized access and potential acquisition of files containing patient information.
On January 1, 2025, Lakeside confirmed in a website breach notice that personal and protected health information had been compromised in the incident, although the data review was ongoing at that time. On or around December 26, 2025, Lakeside confirmed the data types involved, although the website notice has not been updated to state what those data types are.
In a breach notice submitted to the Washington Attorney General, Lakeside confirmed that single-bureau credit monitoring and identity theft protection services are being offered to the affected individuals, and that 1,314 Washington residents were affected. The incident has recently been listed on the HHS’ Office for Civil Rights website as involving the protected health information of 34,154 individuals.
