More than a million people are being informed by Connecticut healthcare provider Community Health Center, Inc. (CHC) that a data breach has exposed their personal data.
The non-profit organization hired security professionals to look into and strengthen the security of its systems after seeing strange behavior on its network, which led to the identification of the event on January 2, 2025.
According to CHC, “they discovered that a proficient criminal hacker gained access to our system and stole some data, which may include your personal information.”
READ MORE: The Mystery Surrounding An Alleged Data Breach By A Data Broker
Names, addresses, dates of birth, Social Security numbers, phone numbers, email addresses, test results, information on diagnoses and treatments, and health insurance details were among the patient health records that the attacker allegedly accessed or exfiltrated.
As the data breach affects both current and past patients, as well as “all individuals who received a COVID test or vaccine at a CHC clinic,” CHC stated in its incident notice that the type of affected information may vary by individual.
The healthcare service claims that the attack did not use file-encrypting ransomware and that the threat actor did not erase any data from its systems, allowing it to carry on with business as usual.
According to the group, “we believe we stopped the criminal hacker’s access within hours, and that there is no threat to our systems at this time.”
According to CHC’s regulatory filing with the Attorney General’s Office of Maine, the data breach impacted 1,060,936 individuals. For two years, the organization is offering free identity theft and credit monitoring services to those who have been affected.
READ MORE: AT&T Clarifies The Restraints Of “Big Data” In Customer Reaching Capacity
“To keep an eye out for questionable conduct, we’ve deployed specialized tools and bolstered our security. Additionally, we are striving to ensure that your information remains secure going forward. According to the organization, there is currently no indication that your information has been exploited.
No ransomware group has taken credit for the event, and CHC has not disclosed information about who carried out the attack or whether the perpetrators tried to blackmail it. SecurityWeek has sent CHC an email requesting more details; if a response is received, this post will be updated.
With almost a dozen locations around the state of Connecticut, CHC is an independent, non-profit healthcare organization that offers primary care services in the areas of medicine, dentistry, and behavioral health.
Radiant TV, offering to elevate your entertainment game! Movies, TV series, exclusive interviews, music, and more—download now on various devices, including iPhones, Androids, smart TVs, Apple TV, Fire Stick, and more.
