Catholic Medical Center reports data breach exposing 2,800 patients

Catholic Medical Center (CMC) in New Hampshire has reported a data security incident involving nearly 2,800 patients whose personal and health information may have been exposed.

This incident is caused at Lamont Hanley & Associates Inc. (LH), a third-party vendor providing account receivable management services to the hospital. LH discovered on June 20, 2023, that an employee's email account had been compromised due to a phishing attack.

CMC has emphasized that their network was not breached in this incident. After an investigation, it was determined that patient personal data may have been exposed, including:

• Social Security numbers,
• dates of birth,
• medical and claim information,
• health insurance details,
• financial account information.

Although there was no definitive evidence of data access or acquisition by unauthorized parties, the possibility can't be entirely ruled out.

LH has offered free credit monitoring services to those affected and recommends that individuals place a fraud alert or security freeze on their credit files.