Monarch Data Breach Investigation

Turke & Strauss LLP, a leading data breach law firm, is investigating Monarch regarding its recent data breach. The Monarch data breach involved sensitive personal identifiable information and protected health information belonging to over 56,000 individuals.


Monarch is a behavioral healthcare organization that provides services and support to people in North Carolina with intellectual and developmental disabilities. In addition to services for people with intellectual and developmental disabilities, Monarch offers support to individuals with mental illness and substance use challenges. Founded in 1958, Monarch offers housing and support services to its patient base of nearly 30,000 individuals. Headquartered in Albemarle, North Carolina, Monarch operates more than 50 locations throughout North Carolina and employs more than 1,400 individuals.


On August 29, 2022, Monarch discovered that it had experienced a data breach in which the sensitive personal identifiable information and protected health information in its systems may have been accessed. Through its investigation, Monarch determined that an unauthorized actor may have accessed this sensitive information on August 29, 2022 through a ransomware attack. On December 16, 2022, Monarch began contacting individuals whose information may have been impacted. The type of information exposed includes:

  • Name
  • Social Security number

If you received a breach notification letter from Monarch:

We would like to speak with you about your rights and potential legal remedies in response to this data breach. Please fill out the form, below, or contact us at (608) 237-1775 or

If you were impacted by the Monarch data breach, you may consider taking the following steps to protect your personal information.

  1. Carefully review the breach notice and retain a copy;
  2. Enroll in any free credit monitoring services provided by Monarch;
  3. Change passwords and security questions for online accounts;
  4. Regularly review account statements for signs of fraud or unauthorized activity;
  5. Monitor credit reports for signs of identity theft; and
  6. Contact a credit bureau(s) to request a temporary fraud alert.

Share This Post: