Recently, BAYADA announced that it had experienced a data breach in which sensitive personal identifiable information and protected health information in its care may have been compromised. According to the breach notice shared on its website, on December 4, 2025, Doctor Alliance, a third-party vendor for BAYADA and other healthcare providers, notified BAYADA of a cybersecurity event it experienced that impacted its customers, including BAYADA.1 As a result, BAYADA launched an investigation to determine the nature of the incident.
Through its investigation, Doctor Alliance confirmed to BAYADA that sensitive personal information in Doctor Alliance’s systems related to BAYADA clients may have been accessed and/or acquired by an unauthorized third party between October 31 and November 6, 2025, as well as November 14 to November 17, 2025. As a result, BAYADA began a review of the data to determine what information had been impacted as well as identify the specific individuals affected. While the information impacted varies depending on the individual, the type of information potentially exposed includes:
NameSocial Security numberDate of birthDiagnosis and medical or physical treatment informationProvider informationHealth insurance plan informationPrescription informationHospital admissions/dischargesDisability information
As a result of the breach, BAYADA posted notice of the breach on its website. Additionally, on January 30, 2026, BAYADA began mailing data breach notification letters to impacted individuals. Based on the breach notice sent to New Hampshire residents, BAYADA is providing affected individuals with a list of the specific types of sensitive information impacted and 12 months of complimentary credit monitoring services. A link to the website breach notice is below.