Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Breaches

1 Million Impacted by Data Breach at Connecticut Healthcare Provider

Community Health Center, Inc. says hackers stole the personal and health information of over one million individuals.

Connecticut healthcare provider Community Health Center, Inc. (CHC) is notifying over one million individuals that their personal information was compromised in a data breach.

The incident was identified on January 2, 2025, after the non-profit organization discovered unusual activity on its network, which prompted it to retain security experts to investigate and improve the security of its systems.

“They found that a skilled criminal hacker got into our system and took some data, which might include your personal information,” CHC says.

The attacker, the organization says, accessed or exfiltrated patient health records that included names, addresses, dates of birth, Social Security numbers, phone numbers, email addresses, test results, diagnosis and treatment information, and health insurance information.

The type of compromised information, CHC said in an incident notice, may differ by individual, as the data breach impacts current and former patients, “and all individuals who received a COVID test or vaccine at a CHC clinic”.

The healthcare provider says that file-encrypting ransomware was not used in the attack and that the threat actor did not delete data from its systems, which allowed it to continue its daily operations without interruption.

“We believe we stopped the criminal hacker’s access within hours, and that there is no current threat to our systems,” the organization says.

In a regulatory filing with the Maine Attorney General’s Office, CHC said that 1,060,936 people were affected by the data breach. The organization is providing the impacted individuals with two years of free identity theft and credit monitoring services.

Advertisement. Scroll to continue reading.

“We’ve strengthened our security and added special software to watch for suspicious activity. We are also working to make sure your information stays safe in the future. So far, there is no sign that your information has been misused,” the organization said.

CHC has not shared details on who perpetrated the attack and if the attackers attempted to extort it, and no known ransomware group has claimed responsibility for the incident. SecurityWeek has emailed CHC for additional information and will update this article if a reply arrives.

CHC is an independent, non-profit healthcare organization that provides primary care services in medicine, dentistry, and behavioral health at nearly a dozen locations in the state of Connecticut.

Related: New York Blood Bank Hit by Ransomware

Related: TalkTalk Confirms Data Breach, Downplays Impact

Related: China Launches Initiative for Global Data Security Issues

Related: Red Cross Eyes Digital Emblem for Cyberspace Protection

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Discover strategies for vendor selection, integration to minimize redundancies, and maximizing ROI from your cybersecurity investments. Gain actionable insights to ensure your stack is ready for tomorrow’s challenges.

Register

Dive into critical topics such as incident response, threat intelligence, and attack surface management. Learn how to align cyber resilience plans with business objectives to reduce potential impacts and secure your organization in an ever-evolving threat landscape.

Register

People on the Move

The US arm of networking giant TP-Link has appointed Adam Robertson as Director of Information and Security.

Cyber exposure management firm Armis has promoted Alex Mosher to President.

Software giant Atlassian has named David Cross as its new CISO.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.