AlohaCare Data Breach Investigation

Turke & Strauss LLP, a leading data breach law firm, is investigating AlohaCare regarding its recent data breach. The AlohaCare data breach involved sensitive personal identifiable information belonging to over 12,900 individuals.


AlohaCare is a non-profit, community led health insurance plan for low-income residents of Hawaii. Through a partnership with Hawaii’s Community Health Centers, AlohaCare provides its members with a team of healthcare professionals, nurses, social workers, and other staff to help members with medical needs. In addition, AlohaCare also offers it members food security, housing services, and education programs. Founded in 1994 with the goal of helping people with Hawaii’s QUEST Integration health insurance and Medicare, AlohaCare has grown to become the second largest Medicaid health plan in Hawaii. Headquartered in Honolulu, Hawaii, AlohaCare employs over 200 individuals.


On or around May 31, 2023, AlohaCare discovered that it had experienced a data breach in which the sensitive personal identifiable information in its systems may have been accessed. Through its investigation, AlohaCare determined that an unauthorized actor may have accessed this sensitive information through a vulnerability in the MOVEit file sharing platform on May 31, 2023. On November 3, 2023, AlohaCare began contacting individuals whose information may have been impacted. The type of information exposed includes:

  • Name
  • Social Security number
  • Date of birth
  • Address

If you received a breach notification letter from AlohaCare:

We would like to speak with you about your rights and potential legal remedies in response to this data breach. Please fill out the form, below, or contact us at (608) 237-1775 or

If you were impacted by the AlohaCare data breach, you may consider taking the following steps to protect your personal information.

  1. Carefully review the breach notice and retain a copy;
  2. Enroll in any free credit monitoring services provided by AlohaCare;
  3. Change passwords and security questions for online accounts;
  4. Regularly review account statements for signs of fraud or unauthorized activity;
  5. Monitor credit reports for signs of identity theft; and
  6. Contact a credit bureau(s) to request a temporary fraud alert.

Share This Post: