CommonSpirit Health Breach Affects Over 19,000 Individuals

On Nov. 25, 2024, a significant data breach was discovered involving CommonSpirit Health, a nonprofit Catholic health system in the United States. The breach originated from Pinnacle Holdings Ltd., a healthcare consulting company that provides services to Northgauge Healthcare Advisors, a vendor of CommonSpirit Health.

According to the official disclosure to the Washington Attorney General, Pinnacle experienced a network disruption between Nov. 11, 2024, and Nov. 25, 2024, caused by a ransomware attack.

During this period, a threat actor accessed and copied data from Pinnacle’s network. The compromised information included names, full dates of birth, medical information, and other sensitive details.

This incident exposed both personally identifiable information (PII), such as names and dates of birth, and protected health information (PHI), including medical details.

The breach affected at least 19,027 individuals in Washington state alone, with the total number of impacted individuals likely higher across CommonSpirit Health’s national footprint.

The initial notification to Northgauge occurred in Nov. 2025, but identification of the specific individuals impacted was not completed until Jan. 30, 2026. CommonSpirit Health was formally notified on Feb. 2, 2026.

The company also posted a notice of the incident on its website.

CommonSpirit Health's response

Impacted individuals are being offered free credit monitoring and identity protection services for a specified period through Kroll, a leading provider of risk management services. These services include single bureau credit monitoring, fraud consultation, and identity theft restoration support.

Those affected are encouraged to remain vigilant by regularly reviewing credit reports and account statements for any suspicious activity. Additional recommendations include placing a fraud alert or credit freeze on credit files and reporting any signs of identity theft to the appropriate authorities.

The company’s detailed notice to consumers, which includes further protective steps and contact information for support, is available at the bottom of this page in PDF format.