Data Breach Exposes Over 200,000 University of Iowa HomeCare Patients

A data breach affecting University of Iowa Community HomeCare, an affiliate of University of Iowa Health Care (UIHC), compromised personal information of approximately 211,000 individuals. The breach occurred on July 3, 2025, when an unauthorized person accessed the HomeCare computer system, which was quickly shut down and restored within one business day with the help of cybersecurity experts. Patient information exposed included names, dates of birth, medical record numbers, provider details, visit types, insurance data, and service dates, but UIHC's electronic health record systems remained unaffected. Affected individuals were notified in writing on August 29, 2025, and are advised to monitor their financial accounts and credit reports for suspicious activity. UI Health Care expressed regret about the incident and emphasized its commitment to enhancing security measures to prevent future breaches. Additional resources and contact information were provided for those with questions or concerns regarding the breach.