On March 3, 2025, Monongalia Health System, Inc. (Mon Health) discovered a data breach that exposed sensitive information belonging to at least 4,895 individuals. The breach was the result of a phishing attack targeting a small number of employee email accounts. Cybercriminals gained unauthorized access to these accounts, allowing them to view documents containing personal and health information.
The types of information exposed include names, physician names, facility names, medical information, Social Security numbers and health insurance policy numbers.
The breach was reported to the U.S. Department of Health and Human Services on May 3, 2025. You can view the official disclosure on the HHS breach portal.
While the number of affected individuals is relatively limited compared to some healthcare breaches, the exposure of both PHI and PII—especially Social Security and health insurance policy numbers—can increase the risk of identity theft and fraud for those impacted. The breach was caused by a phishing attack, which highlights the ongoing vulnerability of email systems to social engineering tactics.
In response to the breach, Mon Health acted quickly to contain the incident and launched a thorough investigation with the help of computer forensic experts. The organization has implemented additional security measures to address the continually evolving threat landscape, including enhanced employee training to recognize phishing and other external attacks.
Notification letters were mailed to all potentially affected individuals on March 5, 2025. These letters include details about the incident and offer guidance on how to monitor and protect personal information. Mon Health has also established a toll-free call center at (833) 998-9762, available Monday through Friday from 8:00 am to 8:00 pm Eastern time (excluding holidays), to answer questions and provide support.
For those whose Social Security numbers or health insurance policy numbers may have been exposed, Mon Health is providing identity protection services at no cost. The company encourages all affected individuals to review their credit reports, consider placing fraud alerts or security freezes with the major credit bureaus, and remain vigilant for any signs of identity theft. Additional details and the full notice to consumers can be found on the Mon Health substitute notice page.
You can learn more about Mon Health and its services by visiting the Mon Health website.