Ensuring Justice & Real Returns for Your Losses

Learn About Data Breach & Its Impact on You

What Happened?

On January 4, 2025, cybersecurity researcher Jeremiah Fowler discovered an unprotected database belonging to ESHYFT, a New Jersey-based HealthTech company operating across 29 U.S. states. The database contained 86,341 records, totaling 108.8 GB, and was publicly accessible. Fowler notified ESHYFT of the security lapse on January 6, 2025. However, the database remained unsecured for over a month, until March 5, 2025. The exact duration of the exposure prior to its discovery and whether unauthorized parties accessed the data remain unknown. On March 10, 2025, ESHYFT issued a public disclosure regarding the breach. There is currently no confirmation of whether notice letters were sent to affected individuals.

What Information Was Impacted?

Upon information and belief, the following types of sensitive personal and protected health information may have been compromised:
  • Personal Identification Information: Scans of driver’s licenses and Social Security cards, User profile pictures and facial images, Medical ID badges, User addresses, Disabled user records and other credential lanyards,
  • Professional Credentials: Professional certificates, resumes, and CVs
  • Spreadsheet with over 800,000 entries, including Nurse ID, Facility name, shift times and dates/ hours worked,
  • Employment Records: Monthly work schedule logs and work assignment agreements,
  • Medical Documents: Records potentially containing diagnoses, prescriptions, or treatments, Disability insurance claims (potentially protected under HIPAA)

What Action Can You Take?

Levi & Korsinsky, LLP is investigating whether affected users are entitled to compensation. If you have experienced a disruption in service from ESHYFT. there is no cost or obligation to participate. Follow the link below to find out if you are eligible for compensation.

About

ESHYFT

ESHYFT, headquartered in Howell, New Jersey, is a HealthTech company that provides healthcare staffing solutions across 29 U.S. states. The company specializes in connecting nurses and healthcare professionals with available shifts at healthcare facilities through its digital platform.

Compensation
Identity Theft
Compensation
Financial Fraud
Compensation
Privacy Violations

Frequently Asked Questions

Know Your Legal Rights After a Data Breach Incident

A data breach occurs when sensitive, confidential, or protected information is accessed, disclosed, or stolen without authorization. This may include personal data, financial information, medical information, or business secrets.

Our firm provides the following services:

  • Investigating the breach and determining liability.
  • Filing lawsuits or claims against negligent companies.
  • Helping recover financial damages.
  • Advising on legal steps to protect your rights.

As a consumer, you have the right to:

  • Be notified of the breach under U.S. laws, such as the California Consumer Privacy Act (CCPA) or General Data Protection Regulation (GDPR) if applicable.
  • Seek compensation for financial or reputational harm.
  • Take legal action against the entity responsible for negligence.

Depending on the case, you may be entitled to:

  • Reimbursement for financial losses (e.g., identity theft).
  • Compensation for emotional distress or loss of privacy.
  • Punitive damages if negligence is proven.

Yes, time is critical. If you suspect your data has been compromised:

  • Secure your accounts by changing passwords.
  • Monitor your credit reports for unusual activity.
  • Contact a law firm to explore legal options for compensation.

Our firm works on a contingency fee basis, meaning you pay nothing upfront. We only get paid if we recover compensation for you.

Take Action. Choose My Data Breach Attorney