Philadelphia care provider Intercommunity Action notifies 2,680 people after breach exposed sensitive data

Intercommunity Action, a Philadelphia provider of aging services, behavioral health support, and programs for individuals with intellectual and developmental disabilities, notified 2,680 people that their personal information was exposed after unauthorized access to the organization’s computer network was identified on May 29, 2025.

The investigation determined that an intruder connected to the network between May 28 and May 29 and removed files during that period. The organization stated that some of the stolen data had potentially been made available online. No misuse of the information had been identified.

A review of the affected files showed that the data varied by individual and included names, dates of birth, addresses, Social Security numbers, driver’s license numbers, state identification numbers, bank account information, credit card numbers, financial details, claims records, diagnoses or conditions, medications, and other treatment information.

Intercommunity Action offered complimentary identity theft protection services to individuals whose Social Security numbers, driver’s license numbers, state identification numbers, or bank account information were involved. The organization implemented additional security measures that included changing passwords, blocking the intruder’s IP addresses, and adding further safeguards to reduce the likelihood of similar incidents.