Hospital Auxilio Mutuo Data Breach Affects 2022-2023 Patients

On Sept. 23, 2023, Hospital Auxilio Mutuo, a private, non-profit hospital in San Juan, Puerto Rico, was notified by the Department of Homeland Security that its systems could be the target of a cyberattack. The hospital immediately activated its incident response plan and launched an investigation.

By Nov. 21, 2023, the initial investigation indicated evidence of unauthorized access to certain systems. On May 15, 2024 the unauthorized activity was confirmed. A review was completed on Sept. 24, 2024 and it was determined that potentially impacted individuals included patients who visited the hospital between August 2022 and September 2023.

The cybersecurity incident compromised both personally identifiable information (PII) and Protected health information (PHI). Exposed information may include first and last names, Social Security numbers, driver’s license or state ID numbers, or passport numbers, health insurance details such as primary, secondary or other health plans or policies, insurance companies, member or group identification numbers, government Medicaid or Medicare payer identification numbers, medical record numbers, providers, diagnoses, medications, test results, images, care and treatment details, claim numbers, account numbers and billing codes.

Affected individuals may also have had financial information exposed, including payment card details, financial and banking information, payments made and balance due. The hospital published a Notification of Potential Data Breach on its own website.

Hospital Auxilio Mutuo's response

Hospital Auxilio Mutuo is notifying impacted individuals and is offering 12 free months of Medical Shield Pro and Equifax WebDefend credit monitoring services. The organization has also set up a dedicated help line for affected patients at 1-877-721-5315 between 9:00 a.m. and 9:00 p.m. EST, Monday through Friday.

If you receive notice from Hospital Auxilio Mutuo about this data breach, you may want to:

• Sign up for the 12 months of free Medical Shield Pro and Equifax WebDefend credit monitoring services offered.
• Monitor your credit reports and financial accounts for any unusual activity.
• Be alert for phishing emails or phone calls that may use your exposed information.
• Consider placing a fraud alert or credit freeze with major credit bureaus.

More information about the hospital’s services can be found on the Hospital Auxilio Mutuo website.