DOCS Dermatology Group Data Breach 2026: 4,626 Illinois Dermatology Patients Exposed. 85+ Multi-State Locations. What To Do
Central States Dermatology Services, LLC (d/b/a DOCS Dermatology Group), an Ohio-based dermatology platform with 85+ locations and 190+ providers across 10 states, disclosed a November 2025 network intrusion. The Illinois HHS OCR filing covers 4,626 patients. Names, Social Security numbers, dates of birth, treatment, prescriptions, Medicare/Medicaid IDs, and billing data exposed. No credit monitoring vendor named in public notice. Here is what to do.
You have options. Scroll for the exact action steps, what your provider’s response covers, and what your health data needs beyond credit monitoring.
Timeline
Nov 19, 2025
Unauthorized third-party network access begins
Nov 27, 2025
Discovery / suspicious activity flagged
Jan 26, 2026
HHS OCR filing and public disclosure (Illinois cohort: 4,626)
Nov 19, 2025
Unauthorized third-party network access begins
Nov 27, 2025
Discovery / suspicious activity flagged
Jan 26, 2026
HHS OCR filing and public disclosure (Illinois cohort: 4,626)
Data exposed
01
High-risk identity
Enables financial + identity theft
02
Health records
Don't expire and can't be reissued
03
Contact & insurance
Phishing + targeted scams
Class actions filed by
These firms have publicly announced investigations. You may be eligible to join. We are not a law firm and cannot give legal advice.
Your action plan, in five steps.
You have more rights than the notification letter explains. Each step below is a concrete thing you can do today. Full detail and timing in the sections that follow.
01
Accept credit monitoring
It’s the floor of the response. Take it.
02
Freeze your credit
Free at Equifax, Experian, TransUnion.
03
File IRS Form 14039
Prevent fraudulent tax return under your SSN.
04
Review your EOBs
Insurance statements catch medical identity theft early.
05
Stop the ongoing flow
Credit monitoring doesn’t cover your health records. HealthConsent does.
What happened
Central States Dermatology Services, LLC is the legal entity for DOCS Dermatology Group, an Ohio-based dermatology practice management platform headquartered at 9987 Carver Road, Suite 250, Blue Ash, OH. The network operates 85+ locations and 190+ providers across Illinois, Indiana, Louisiana, Michigan, North Carolina, Ohio, Pennsylvania, South Carolina, Texas, and West Virginia. Services span medical, surgical, and cosmetic dermatology, including Mohs micrographic surgery, BOTOX, fillers, microneedling, and laser resurfacing.
Between November 19 and November 27, 2025, an unauthorized third party accessed DOCS Dermatology’s network. The intrusion was discovered on November 27, 2025. DOCS Dermatology filed with HHS OCR and publicly disclosed on January 26, 2026 — the Illinois cohort filing covers 4,626 affected individuals. The broader breach extends across the 10-state network (state-level counts vary per AG filings).
No ransomware group has publicly claimed responsibility. No leak-site listing has been observed. The ~60-day gap between discovery and notice has been flagged by plaintiff firms as potentially violating state notification statutes.
What was stolen
Per the entity’s notice:
- Full name, home address, email, phone number
- Date of birth
- Social Security number
- Treatment and diagnosis information
- Prescription / medication information
- Dates of service, provider name
- Medical record number, patient account number
- Medicare / Medicaid ID
- Health insurance information
- Medical billing / claims data
No public confirmation of dermatology images or biopsy photos being exfiltrated.
What DOCS Dermatology is offering
- Dedicated call center: 513-813-1488 (Blue Ash HQ)
- Mailing address for inquiries: 9987 Carver Road, Suite 250, Blue Ash, OH 45242
No specific credit-monitoring vendor named in DOCS Dermatology’s public notice — patients are directed to self-monitor and place fraud alerts or freezes with TransUnion, Experian, Equifax on their own. The absence of a named monitoring program is unusual for a breach of this size with full SSN exposure, and is likely a focal point of any class action.
State AG filings
Per ClaimDepot aggregation, DOCS Dermatology filed AG notices in: California, Iowa, Maine, Massachusetts, Montana, Nebraska, New Hampshire, Oregon, Rhode Island, South Carolina, Texas, and Vermont. Illinois AG filing is presumed given the 4,626 IL count on OCR.
What to do
- Place free credit freezes at Equifax, Experian, TransUnion. Full SSN is in scope and no monitoring is being provided.
- File IRS Form 14039.
- Consider purchasing your own credit monitoring given the SSN + DOB + medical + billing exposure profile.
- Watch your Medicare Summary Notice for unfamiliar dermatology or specialty claims.
- Stop the ongoing flow of your dermatology records. HealthConsent files HIPAA restriction requests so the biopsy, prescription, and treatment data exposed in this breach is not continuously re-shared.
Continue reading
Credit monitoring covers your wallet. HealthConsent covers your health records.
Your stolen diagnoses, test results, and medical record numbers don’t expire when the free credit-monitoring window ends. HealthConsent automates HIPAA restriction requests and opt-outs across providers, insurers, HIEs, and prescription networks so the data taken in this breach can’t keep being shared and sold by other entities downstream.
Protect my health dataCancel anytime · Family plan covers spouses + dependents
Sources & further reading
- HIPAA Journal: DOCS Dermatology Group Coverage
- ClaimDepot: DOCS Dermatology Group Summary
- Strauss Borrelli: DOCS Dermatology Investigation
- The Lyon Firm: DOCS Dermatology Investigation
- HHS OCR Breach Portal
Official HHS OCR Breach Portal: ocrportal.hhs.gov
About this page
This page is compiled from public regulatory filings, the breached entity’s own disclosures, and reporting from established healthcare-privacy outlets. Some sections are assembled with the help of automated research and may contain errors, summaries that lag the underlying source, or details that have since been revised. Treat it as a starting point, not legal advice or an authoritative record. If you spot something inaccurate, the linked sources above are the canonical record. For questions about your individual situation, contact the breached entity directly or consult a licensed attorney.