Data breach reported for Couve Healthcare Consulting, LLC DBA Evergreen Healthcare Group

Key Facts: Evergreen HCG Data Breach

• Date reported: February 25, 2026.
• Unauthorized access identified: December 3, 2025.
• Target entity: Couve Healthcare Consulting, LLC DBA Evergreen Healthcare Group (evergreenhcg.com).
• Source of breach: Unknown (unauthorized party accessed cloud-based platform).
• Data types: Full names, Social Security numbers, dates of birth, and medical information.
• Status: Confirmed; notification letters were mailed to affected current and former residents of the Golden Sonora Care Center starting February 24, 2026.
• Severity: Medium; while the incident specifically impacted residents of one facility, it involved highly sensitive protected health information (PHI) and Social Security numbers.

Start continuous breach monitoring with UpGuard.

What happened in the Evergreen HCG data breach?

Evergreen HCG (evergreenhcg.com) disclosed a data breach on February 25, 2026. This security incident involved Couve Healthcare Consulting, LLC DBA Evergreen Healthcare Group and is characterized as a data security incident. No specific threat actor has been identified in the initial reports regarding this matter.

According to the disclosure, the incident was first discovered on December 3, 2025, when the company identified unauthorized activity within its cloud-based healthcare platform. The subsequent investigation revealed that an unauthorized party may have accessed or copied files containing the personal information of current or former patients at Golden Sonora.

The severity of this event is classified as medium, indicating a significant but contained risk to the affected platform and its users. The organization is currently taking steps to respond to the incident, secure the impacted platform, and enhance security measures to protect against future issues. Such incidents typically carry risks of unauthorized access to sensitive healthcare records or personal identifiers.

Who is behind the incident?

The attacker or cause of the incident has not been identified.

Impact and risks for Evergreen HCG customers

For patients associated with Golden Sonora, there is a possibility that personal information could be compromised. This exposure might lead to risks such as identity theft, targeted phishing campaigns, or the unauthorized use of healthcare-related data. Individuals should remain vigilant regarding any unusual communications or suspicious activity related to their personal records.

Security incidents in the healthcare sector often result in heightened scrutiny of data management practices. Affected individuals should consider monitoring their financial statements and credit reports for any discrepancies. Maintaining a proactive stance on digital security and following official guidance from the organization can help mitigate potential harm. Transparency from the provider remains essential for effective risk management.

How to protect against similar security incidents

Scan your domain for vulnerabilities in minutes.

Frequently asked questions

What happened in the Evergreen HCG security breach?

On February 25, 2026, Evergreen HCG (evergreenhcg.com) disclosed a security breach. According to initial reports, Couve Healthcare Consulting, LLC DBA Evergreen Healthcare Group reported a data security incident that may have impacted the personal information of current or former patients at Golden Sonora.

When did the Evergreen HCG breach occur?

The unauthorized access was discovered on December 3, 2025. Following a forensic investigation and data review, Evergreen Healthcare Group began mailing notification letters to affected individuals on February 24, 2026.

What data was exposed?

The types of data potentially exposed include names, Social Security numbers, dates of birth, and medical information. The specific information impacted varies by individual.

Is my personal information at risk?

If you are a current or former resident of Golden Sonora Care Center, your personal information may have been affected. Evergreen Healthcare Group is offering 24 months of complimentary credit monitoring and identity restoration services through Cyberscout to those impacted. You should watch for a notification letter in the mail for enrollment details.

How can I protect myself after this data breach?

• Change passwords for all sensitive accounts.
• Enable multi-factor authentication (MFA) wherever possible.
• Monitor financial and medical statements for unusual activity.
• Watch for phishing emails or suspicious text messages.
• Utilize breach monitoring tools to track data exposure.

What steps should companies take after being impacted by this breach?

Evergreen HCG is working to secure the impacted platform and enhance its security measures. The organization aims to notify affected parties, provide guidance on protective actions, and review its internal protocols to prevent future incidents. They may also deploy attack surface management tools to strengthen their defense.