North Mississippi Health Services reports MOVEit related data breach

published: Nov. 1, 2023

Learn More

Cadence Bank, a service provider for North Mississippi Health Services (NMHS) and its related entities, has reported a security breach that exposed the health data of Mississippi residents who received treatment at NMHS locations.

Cadence Bank was providing Lockbox services for NMHS.

Lockbox services, which are primarily handled by third-party agencies like banks, aim to streamline the collection of paper-based remittances and promptly update the accounts receivable documentation.

Cadence became aware of a then-unknown "zero-day" vulnerability in the MOVEit Transfer software by Progress Software Corporation on June 1.

Following an in-depth analysis, Cadence ascertained that the personal details of NMHS patients might have been compromised. NMHS was informed of this on September 1 by Cadence. Both entities then collaborated to verify and ascertain valid addresses for the affected parties, concluding their review on October 18.

The compromised data could encompass

  • names,
  • residential addresses,
  • birth dates,
  • Social Security numbers
  • driver’s license numbers,
  • medical records (like service dates, prescribed drugs, diagnostic or surgical details),
  • billing details, including financial account specifics.

Not every individual had all these data points exposed. As of now, Cadence hasn't identified any fraud or identity theft related to this breach. The number of affected individuals is not disclosed.

Those impacted by this breach will receive written notifications. Additionally, NMHS will publish details about this event on their website at

Cadence is offering free identity protection services to individuals whose critical data might have been exposed.

North Mississippi Health Services reports MOVEit related data breach