On June 8, 2026, iRhythm Holdings, Inc. (“iRhythm”) became aware of suspicious activity on its computer network, indicating a data breach. Based on a subsequent forensic investigation, iRhythm determined that cybercriminals infiltrated this inadequately secured network and gained access to its files. The investigation further determined that, through this infiltration, cybercriminals potentially accessed and removed files containing the sensitive personal information of its patients.
While iRhythm has yet to identify exactly what categories of data were exposed, the information exposed in the data breach likely includes personally identifiable information and protected health information.
As a result of the iRhythm data breach, these individuals’ personal and highly confidential information may be in the hands of cybercriminals who can place the information for sale on the dark web or use the information to perpetrate identity fraud.
Murphy Law Firm is investigating claims on behalf of all individuals whose personal and confidential information was potentially compromised in the data breach. We are evaluating legal options, including a potential class action lawsuit, to recover damages for individuals who were affected by the iRhythm Holdings data breach.