NYC Health + Hospitals Data Breach Affects 5,728 Patients

Published
July 15, 2025
Updated
July 15, 2025
NYC Health + Hospitals Data Breach Affects 5,728 Patients
NYC Health + Hospitals
Types of INFORMATION affected
  • Names
    Names
  • Social security numbers
    Social Security Numbers
  • Dates of birth
    Dates of Birth
  • Addresses
    Addresses
  • Government IDs
    Government IDs
  • Medical Information
    Medical Info
  • Financial Info
    Financial Info

Affected by the

NYC Health + Hospitals

data breach?

Join the Lawsuit

It's free to join. 

Banner advertisement for ExpressVPN to take control of your online security

Claim Depot may receieve a commission from links on this page

NYC Health + Hospitals experienced a data breach involving one of its vendors’ subcontractors, Renkim, which provides electronic, print, and mail processing services. The cybersecurity incident took place on or around March 2, 2025 and was discovered by Renkim on March 3, 2025.

Renkim notified NYC Health + Hospitals on April 9, 2025 that the data breach compromised the protected health information (PHI) of 5,728 patients. Exposed information includes names, addresses and NYC Health + Hospitals patient status.

The data breach was disclosed to the U.S. Department of Health and Human Services on June 6, 2025. NYC Health + Hospitals published a Notification of Possible PHI Disclosure on its website on June 6, 2025.

NYC Health + Hospitals' response

NYC Health + Hospitals notified affected patients in addition to required federal and state disclosures. Renkim, the vendor involved in the data breach, published a Notice of Data Security Incident on their website and set up a dedicated phone line at 866-461-3496, available Monday through Friday from 8 a.m. to 8 p.m. Eastern Time.

If you receive notification from NYC Health + Hospitals or Renkim about this breach, you may want to:

  • Carefully review any notice or communication you receive from NYC Health + Hospitals or Renkim and sign up for free credit monitoring services, if offered.
  • Monitor your credit reports and financial accounts for any unusual activity.
  • Be alert for phishing emails or phone calls that may use your exposed information.
  • Consider placing a fraud alert or credit freeze with major credit bureaus.

For more about the organization, visit the NYC Health + Hospitals website.

Protect Your Data

A breach notice means your personal details could be circulating far beyond the organization involved. One practical step is continuous monitoring: services such as Identity Defender (included with an ExpressVPN subscription) can automatically check dark-web markets, flag new credit-file activity, and request removal of your information from data-broker sites.

This kind of “early-warning system” can’t undo a breach, but it can help you spot misuse quickly and limit further exposure. ExpressVPN is offering 61% off, risk-free for 30 days, with ID Theft Insurance included and no extra cost for those who sign up for one or two years.

Notice Letter

This browser does not support inline PDFs. Please download the PDF to view it: Download PDF

CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image