Skip to main content
A woman realizes that a company she uses has been accused of CCPA violations.

ALN Medical Management Data Breach Investigation

Written by Joseph Lyon on . Posted in Data Breach, Litigation Update.

The data breach lawyers at The Lyon Firm are investigating an alleged data theft incident at ALN Medical Management, potentially compromising the personal data of thousands of individuals. Contact an experienced attorney following any data security event to ensure you minimize the risks of fraud and identity theft. Call for a free case review and consultation.

The healthcare providers that were impacted by the ALN Medical Management data breach are listed as:

  • National Spine and Pain in Frederick, Maryland
  • Inpatient Physician Associates, LLC in Lincoln, Nebraska
  • Hoag Clinic in Costa Mesa, California
  • Allied Physicians Group in Melville, New York

What Happened at ALN Medical Management?

According to sample letters sent to the Attorney General of California, ALN experienced a data breach in which the sensitive personal identifiable information of thousands of individuals may have been accessed. According to the data breach notification letters, in March 2024, ALN identified suspicious IT activity at a third-party service provider.

Following an investigation, ALN concluded that a trove of personal information within the third-party hosted environment may have been compromised in March 2024. The impacted information varies but could potentially include the following:

  • Name
  • Social Security number
  • Driver’s license number
  • Government-issued ID number (e.g. passport, state ID card)
  • Financial information (e.g. account number, credit or debit card number)
  • Medical information
  • Health insurance information

ALN is an administrative services company for healthcare organizations offering revenue cycle management solutions for mid- to large-sized physician groups. On March 21, 2025, ALN began mailing data breach notification letters to impacted individuals. Call now to discuss taking legal action.

The Lyon Firm has filed numerous data breach lawsuits on behalf of plaintiffs in all fifty states. We believe strongly that any entity that collects and stores your personal information has a duty to protect it with reasonably robust IT security. If an attack occurs and sensitive data is leaked, negligent organizations can be held accountable.