Dignity Health, a nonprofit healthcare organization based in California, recently reported a data breach that affected its sensitive personal identifiable information and protected health information. The breach was detected on September 20, 2024, when the organization became aware of an active cyber event involving an unknown individual who compromised its IT network. The network was temporarily disabled but was restored the following day. Following the event, Dignity Health launched an internal investigation to assess the nature and scope of the breach.
The investigation revealed that unauthorized access to the company’s systems occurred between September 17 and September 20, 2024, during which time sensitive personal and health information may have been accessed and acquired. The compromised data includes individuals’ names, Social Security numbers, birth dates, addresses, driver’s license numbers, financial account information, and medical and health insurance information. Dignity Health conducted a thorough review to identify which individuals were affected by the breach.
To address the situation, Dignity Health posted a notice of the breach on its website and began notifying the individuals whose information was affected. The organization is offering complimentary credit monitoring services to those impacted by the breach to help safeguard against potential identity theft or fraud. In its notice, Dignity Health outlined the types of sensitive information that may have been exposed during the breach.
Dignity Health, which operates more than 40 hospitals and 400 care centers, employs over 10,000 people. The organization is known for providing specialized services in cardiology, emergency care, neurology, orthopedics, oncology, women’s health, and other areas. In response to the breach, Dignity Health is reinforcing its cybersecurity measures to prevent similar incidents in the future and to protect patient and customer data.
Reference:
