City of Hope Data Breach

What Happened?

On October 13, 2023, City of Hope, a renowned cancer treatment and research organization, detected suspicious activity within a segment of its systems. They acted swiftly to control any potential disruption to their operations. With the aid of a top-tier cybersecurity firm, City of Hope initiated a thorough investigation to understand the nature and extent of the breach. It was discovered that between September 19, 2023, and October 12, 2023, an unauthorized party had gained access to certain systems and extracted copies of files.

By December 14, 2023, City of Hope began notifying individuals who could be readily contacted via email. On March 25, 2024, as the detailed and complex review of the affected data continued, City of Hope identified additional individuals whose personal information was compromised. The types of information exposed included names, addresses, Social Security numbers, driver's license numbers, government-issued ID numbers, financial information, medical information, health insurance details, and dates of birth.

City of Hope has since reported the incident to law enforcement and has been working to enhance their security measures to prevent such incidents in the future. To date, there have been no reports of identity theft or fraud stemming from this incident. However, City of Hope is offering complimentary credit monitoring services for two years to those affected.

For more information on the incident, City of Hope has provided a detailed notice on their website, which can be accessed here.

The breach has been disclosed to the Attorney General's offices in various states, including Maine and Massachusetts. The disclosures can be found on the Maine Attorney General's website here and on the Massachusetts Attorney General's website here.

In total, 827,149 individuals in the United States have been affected by this breach, with 6,678 in Texas and 166 in Maine. Consumers were notified of the breach through postings on the company website, U.S. Mail, and email.

If you believe you may have been affected by this data breach, it is recommended that you stay vigilant by monitoring your account statements and credit reports. If you notice any suspicious activity, you should immediately contact your financial institution. You should also consider taking advantage of the identity monitoring services offered by City of Hope through Kroll, a global leader in risk mitigation. You can enroll in these services by visiting Kroll's enrollment page.

For additional resources and information on how to protect yourself from identity theft, please visit the Federal Trade Commission's website at www.ftc.gov/idtheft or call them at (877) IDTHEFT (438-4338). You may also want to consider placing a fraud alert or a security freeze on your credit files, which can be done through the nationwide credit reporting agencies: Equifax, Experian, and TransUnion.

City of Hope deeply regrets any concern this incident may cause and is committed to maintaining the trust of those they serve. They have established a dedicated call center to answer any questions you may have about this incident, which can be reached at 1-866-495-8913, Monday through Friday from 8:00 a.m. to 5:30 p.m. Central Time, excluding major U.S. holidays.