Aspire Rural Health System Under Investigation for Data Breach of Over 100,000 Patient Records
Schubert Jonckheer & Kolbe LLP is investigating a data breach that led to unauthorized access of the sensitive information of 138,386 patients of Aspire Rural Health System (Aspire Health), a Michigan-based health system consisting of over 70 providers.
Aspire Health includes Deckerville Community Hospital, Hills & Dales Healthcare, Marlette Regional Hospital & The Heartlands Senior Living.
On July 18, 2025, Aspire Health discovered that an unauthorized third party accessed and acquired files from its systems from November 4, 2024, to January 6, 2025.
Although the breach began in November 2024, Aspire Health did not begin notifying affected individuals until on or around August 20, 2025, which may have violated state and federal laws. The following information may have been compromised in the breach: first and last names, dates of birth, Social Security numbers, financial account numbers and routing numbers, medical treatment and diagnosis information, prescription information, individual health insurance information, payment card numbers and access PIN numbers, payment card expiration dates, lab results, provider information, driver’s license numbers, password and usernames, biometric identifiers, patient identification numbers, medical record numbers, and passport number.
If your personal information was impacted by this incident, you may be at risk of identity theft and other serious violations of your privacy. As a result, you may be entitled to money damages and an injunction requiring changes to Aspire Health’s cybersecurity practices.
If you received notification of this data breach or are a patient of Aspire Health and wish to obtain additional information about your legal rights, please fill out the form below.
