Lifepoint Health Data Breach Exposes Social Security Numbers of Contracted Vendors

Lifepoint Health Inc., a healthcare company that operates more than 60 community hospital campuses across 28 states, disclosed a data breach that exposed the personal information of employees of contracted vendors who provide services to the company.

On Feb. 22, 2026, an unauthorized third party used a compromised user account to gain access to Lifepoint Health's internal environment.

Lifepoint Health discovered the unauthorized activity the following day, on Feb. 23, 2026. The company began an investigation and engaged third-party cybersecurity experts to assist in determining the scope and nature of the incident.

The investigation confirmed that the affected databases held information belonging to employees of contracted vendors who provide services to Lifepoint Health, rather than patients or direct employees of the company.

The types of personally identifiable information exposed included names, addresses, phone numbers, dates of birth and Social Security numbers.

Lifepoint Health began notifying affected individuals on April 23, 2026.

Lifepoint Health's response to the breach

Lifepoint Health is offering affected individuals one year of complimentary identity theft protection and credit monitoring services through Equifax ID Watchdog. Enrollment instructions were included on a separate page attached to the notification letter sent to each affected individual.

The company also encouraged affected individuals to remain vigilant by regularly reviewing their financial account statements and credit reports for any suspicious or unauthorized activity. The notification included a detailed reference guide directing individuals to additional resources.

Affected individuals with questions were directed to contact their facility's privacy officer using the contact information provided in their letter.