On May 20, 2025, Kettering Health discovered suspicious activity in its network that led to the exposure of sensitive information belonging to current and former patients, as well as affiliates.
The unauthorized access occurred between April 9 and May 20, 2025. During this period, cybercriminals infiltrated Kettering Health’s network, viewing and potentially taking files and folders without authorization. The incident resulted in a system-wide outage that disrupted hospital operations, canceled procedures, and impacted call center services.
The breach exposed a range of personally identifiable information (PII) and protected health information (PHI) including names, contact information, Social Security numbers, patient identification numbers, medical record numbers, medical information, treatment information, diagnosis information, health insurance information, driver’s license or state identification numbers, financial account information, education records, and dates of birth.
Kettering Health has not disclosed the total number of individuals affected, but the scope of the breach, which spanned more than a month and affected both PII and PHI, makes this a severe incident. The healthcare organization disclosed the data breach to the U.S. Department of Health and Human Services on July 21, 2025.
Upon discovering the breach, Kettering Health launched an investigation with the help of third-party cybersecurity specialists. The organization worked quickly to secure its systems, review the content of compromised files, and determine the extent of the data involved. Kettering Health published a Notice of Privacy Incident on its website.
To support those potentially affected, Kettering Health has set up a dedicated assistance line at 855-202-8326, available Monday through Friday, 9 a.m. to 9 p.m. Eastern Time (excluding U.S. holidays). The company encourages all individuals who may be impacted to remain vigilant by monitoring account statements, reviewing free credit reports, and watching for suspicious activity or errors in their Explanation of Benefits.
Kettering Health advises affected individuals to consider placing a fraud alert or credit freeze on their credit files to help prevent unauthorized use of their information. Details on how to request a free credit report and contact information for the three major credit bureaus—Equifax, Experian, and TransUnion—are provided in the official notice. Additionally, consumers are encouraged to report any suspected identity theft to law enforcement and the Federal Trade Commission.
For more information and ongoing updates, individuals can visit the Kettering Health website.
A breach notice means your personal details could be circulating far beyond the organization involved. One practical step is continuous monitoring: services such as Identity Defender (included with an ExpressVPN subscription) can automatically check dark-web markets, flag new credit-file activity, and request removal of your information from data-broker sites.
This kind of “early-warning system” can’t undo a breach, but it can help you spot misuse quickly and limit further exposure.