CHCP Data Breach: Nearly 69,000 Affected in Houston
Data Breach · Investigation

College of Health Care Professions Data Breach: Nearly 69,000 People Affected

Published July 17, 2026

This page covers the data breach at The College of Health Care Professions, a Houston college — the incident exposed personal and health information for close to 69,000 people, and reporting says a class action has now been filed. If you got a notice, here is what was involved and what to do; there is nothing to claim yet.

A health-care data breach, illustrating the College of Health Care Professions incident affecting nearly 69,000 people
The College of Health Care Professions, a Houston college, reported a 2025 data breach affecting about 68,825 people.
Breach Notice · Investigation · Suit Details Reported, Not Yet Confirmed

This page describes a data-breach notification and the litigation developing around it. The College of Health Care Professions has reported a data security incident; any claim that it failed to adequately protect personal information is an unproven allegation. Reporting indicates a class action has been filed, but the specific case caption, number and court were not independently confirmed on the public record when this page was published — those details are described here as reported. There is no settlement and nothing to claim. This page is informational and is not legal advice.

What Is This About?

The College of Health Care Professions (CHCP), a Houston-based college that trains students for allied-health careers, reported a data security incident in which an unauthorized party accessed its computer network and may have copied files containing personal and health information. The college reported the breach to the Texas Attorney General as affecting about 68,825 people — close to 69,000 — and began mailing notification letters in early 2026.

Because CHCP is a health-care training institution, the files it holds can include sensitive student and applicant records. Reporting on the breach indicates that a class action has since been filed on behalf of affected individuals, and several plaintiff-side law firms have publicly announced investigations. As of this writing, there is no settlement and nothing to claim, and OpenClassActions.com was not able to independently confirm the specific case caption, number, or court on the public record — so those details are described here as reported.

Status Breach Reported · Litigation Developing Notices mailed in early 2026 · class action reportedly filed · caption not yet confirmed
People Affected ~68,825 (nearly 69,000) As reported to the Texas Attorney General
Information Involved Names, SSNs, IDs, financial & health data Varies by person · SSN, driver's license/state ID, other government IDs, financial account/card numbers, DOB, medical & health-insurance information
Can I Claim? No — nothing to claim yet No settlement, no fund, no claim form

What CHCP Reported

According to breach reporting, CHCP detected suspicious activity on its network and determined that an unauthorized third party had accessed its systems and may have accessed or copied certain files. The access is reported to have occurred in 2025, with the college later conducting a forensic review to determine whose information was involved before sending notices in early 2026. The breach was reported to the Texas Attorney General as affecting about 68,825 Texas residents.

Some accounts of the incident differ on the exact timeline — including when the intrusion was first discovered — so the specific dates should be treated as reported rather than settled. The legal and corporate entities associated with CHCP have been identified in reporting as Empowerment Schools – Healthcare Ltd. and Texas Medical Careers, Limited, doing business as The College of Health Care Professions. The gap between the 2025 access and the 2026 notifications is one of the issues plaintiff-side attorneys have said they are examining.

What Information May Have Been Exposed

Based on breach reporting, the information involved varies by individual and may have included:

• Names, dates of birth, and contact information
• Social Security numbers
• Driver's license or state identification numbers, and other government-issued ID numbers
• Financial account numbers or payment card numbers
• Medical information and health insurance information

Not every data element applies to every person; the specific information involved is described in each individual's notice letter. The combination of Social Security numbers with financial and medical information is the kind of data that can be misused for identity theft, financial fraud, and medical-identity fraud, which is the focus of the attorney investigations.

Has a Lawsuit Been Filed?

Reporting indicates a class action has been filed over the breach, and multiple plaintiff-side firms have announced investigations on behalf of affected individuals. However, OpenClassActions.com was not able to independently verify a specific case caption, case number, or court on the public record when this page was published. Data-breach class actions of this kind typically allege negligence, breach of implied contract, and similar claims, and seek damages, credit monitoring, and improved security — but until the complaint is confirmed, those specifics are described here only in general terms.

If the breach involved medical information, it may also appear on the U.S. Department of Health and Human Services breach portal. We will update this page as the litigation and any regulatory filings are confirmed.

Is There a Settlement?

No. This is a breach notification with litigation developing, not a settlement.

There is no settlement fund, no claim form, no payout, and no deadline. Any free credit monitoring CHCP may have offered in its notice is separate from any future settlement. Be cautious of any website that claims you can "file a claim" for this matter right now — no legitimate claims process exists yet.

What Should Affected People Do Now?

If you received a CHCP notification letter, read it carefully for the specific information involved and for any complimentary credit monitoring offered to those whose Social Security number was affected — if it is offered, enroll. Be cautious about unsolicited calls, emails, or texts referencing the college or your records, as phishing commonly follows a breach. Monitor your financial accounts and any medical or insurance statements for unfamiliar activity, and consider placing a fraud alert or a credit freeze with the three nationwide credit bureaus. You can report identity theft and get a recovery plan at the Federal Trade Commission's IdentityTheft.gov. There is nothing to file right now; keep any notice you receive in case a claims process is later created.

For related health-data incidents, see our coverage of the Blue Fish Pediatrics data breach, another Houston-area health-data incident, and the Change Healthcare data breach.

This page is informational and is not legal advice.

Frequently Asked Questions

What happened in the CHCP data breach?

The College of Health Care Professions reported that an unauthorized party accessed its network in 2025 and may have copied files with personal and health information. It reported the breach to the Texas Attorney General as affecting about 68,825 people and began notifying them in early 2026.

What information was exposed?

Reporting says the data may have included names, Social Security numbers, driver's license or state ID numbers, other government IDs, financial account or card numbers, dates of birth, and medical and health-insurance information. The exact data varies by person.

Is there a class action or settlement?

Reporting indicates a class action has been filed and firms are investigating, but there is no settlement, no claim form, and no deadline. The specific case details were not independently confirmed on the public record when this page was published.

What should I do if I got a notice?

Enroll in any free credit monitoring offered, monitor your accounts and medical statements, watch for phishing, and consider a fraud alert or credit freeze. Report identity theft at IdentityTheft.gov and keep your notice.

Sources

• Office of the Texas Attorney General — Data Breach Reports (CHCP reported ~68,825 affected): Texas AG Data Breach Reports
• Houston Chronicle — coverage of the Houston college data breach class action: Houston Chronicle
• U.S. Department of Health and Human Services — Breach Portal (health-data breach reporting): HHS OCR Breach Portal


For more class actions keep scrolling below.
Status Breach reported — investigation; class action reportedly filed
Organization The College of Health Care Professions (CHCP), Houston, Texas
People Affected ~68,825 (as reported to the Texas AG)
Access Reported 2025 (exact dates reported)
Notices Mailed Early 2026
Data Involved Names, SSNs, IDs, financial & health information

Related Data Breach Cases