Data breach at Loretto Hospital exposes personal information of over 500 individuals

Loretto Hospital in Chicago's Austin neighborhood is reporting a data security incident that potentially compromised the personal information of more than 500 people. 

The breach was discovered after suspicious activity was detected on their computer network. An investigation into the incident confirmed that an "unknown actor" had infiltrated the hospital's network between January 17 and February 1, 2025, gaining access to and copying files containing sensitive information.

The incident also caused disruption to the hospital's electronic medical record system. Patient records that were entered on February 2 and February 3 were not properly saved in the system. The hospital stated that they "worked diligently to restore and capture as much data and patient records as possible during this downtime," but acknowledged that "some records may not have been recovered or fully recreated."

The total number of affected individuals, the nature of the attack and the types of exposed data are not disclosed.

The hospital is currently conducting a review of the compromised files and has committed to notifying all individuals whose information was affected by the breach. Hospital has established a dedicated email address for questions related to the incident: cyber.incident@lorettohospital.org.