Email account compromise at St. Anthony Hospital exposes data of 6,679 patients and staff
Learn More
St. Anthony Hospital in Chicago, Illinois, is reporting a data breach that exposed personal and medical information of 6,679 patients and staff members.
The hospital learned on February 6, 2025, that an unauthorized party may have obtained access to a limited number of employee email accounts. The hospital initiated an investigation with the assistance of third-party cybersecurity experts and reported the breach to law enforcement authorities.
The attacker accessed employee email accounts, and potentially viewed or copied sensitive information contained within those accounts. The exposed data includes:
- Full names
- Addresses
- Dates of birth
- Social Security numbers
- Telephone numbers
- Medical record numbers
- Patient account numbers
- Dates of service
- Prescription information
- Medical history, condition, treatment, or diagnosis
The hospital issued the notification to potentially affected individuals, but is not offering complimentary credit monitoring services.
The hospital is encouraging all affected patients and staff members to place a fraud alert or security freeze on credit files, obtain free credit reports from the three major credit bureaus, and remaining careful in reviewing financial account statements and credit reports for fraudulent or irregular activity on a regular basis.
