Chambers Health Data Breach Affects 84,082 Texans

On July 19, 2024, Chambers County Public Hospital District No. 1—commonly known as Chambers Health—experienced a network disruption that has since been confirmed as a data breach affecting 84,082 individuals in Texas alone.

According to a notice filed with the Texas Attorney General’s office, the breach compromised both personally identifiable information (PII) and protected health information (PHI) of current and former patients. The types of information exposed include first and last names, addresses, phone numbers, dates of birth, Social Security numbers, driver’s license numbers, health insurance information, medical information, and financial information.

Not every individual had all of these data elements exposed, but the incident is notable for the breadth of sensitive information involved.

After the initial disruption, Chambers Health secured its network and brought in cybersecurity experts to investigate. While the forensic review did not initially find evidence of data compromise, on December 26, 2024, the organization learned that certain files may have been acquired without authorization. A comprehensive review concluded on April 10, 2025, confirming that an unauthorized third party may have accessed and acquired personal data.

The threat actor known as “mapateam” claimed responsibility for the breach and, on December 5, 2024, posted about the incident on the open web, alleging the theft of 1.52TB of documents, private information, and financial records.

This public disclosure on the dark web increases the risk of misuse, even though Chambers Health has not received any reports of identity theft or misuse as of this writing. For more details, you can review the official breach disclosure on the Texas Attorney General’s website.

Chambers Health's response

In response to the breach, Chambers Health took immediate action to secure its systems and engaged external IT specialists to conduct a thorough investigation. The organization has since reviewed and enhanced its technical safeguards to help prevent similar incidents in the future. Chambers Health is providing written notice to all individuals whose information may have been affected, using U.S. Mail as the notification method.

To support those impacted, Chambers Health is offering complimentary credit monitoring and identity theft protection services for twelve months at no cost. Impacted individuals are strongly encouraged to enroll in these services and to follow the recommendations provided in the notification letter. These steps are important given the nature of the data exposed and the public posting of the breach by a threat actor. For additional information or questions, affected individuals can contact the dedicated response line at 1-833-998-5928, Monday through Friday, 8:00 a.m. to 8:00 p.m. ET, excluding holidays. More details, including the full notice to consumers, can be found in the incident disclosure posted by Chambers Health.

To learn more about the organization and its mission, visit the Chambers Health website.