Western Montana Health Breach Affects 86,758 Individuals

Western Montana Mental Health Center experienced a major data breach affecting 86,758 individuals across the United States. The breach was discovered on Sept. 15, 2024, and involved unauthorized access to both personally identifiable information (PII) and protected health information (PHI).

Compromised information includes names, Social Security numbers, driver's license numbers, dates of birth, state or federal ID numbers, medical information, financial account information and health insurance details. The breach is considered severe, increasing the risk of identity theft, financial fraud and potential misuse of sensitive health information.

The data breach was disclosed to the U.S. Department of Health and Human Services on Nov. 14, 2024. Later, on July 17, 2025, Western Montana Health Center published a Notice of Data Security Incident on its website, detailing the types of compromised patient data.

The cybersecurity incident was also disclosed to the Maine, Massachusetts, and Vermont Attorney Generals' offices. Affected individuals include 12 Massachusetts residents and six in Maine.

Western Montana Mental Health Center's response

In addition to required state and federal disclosures, Western Montana Mental Health Center began notifying impacted individuals by mail on July 17, 2025. WMMHC is offering free IDX identity protection services to affected patients.

If you receive a notice from Western Montana Health Center about this breach, you may want to:

• Sign up for the free IDX identity theft protection services, offered by WMMHC.
• Monitor your credit reports and financial accounts for any unusual activity.
• Be alert for phishing emails or phone calls that may use your exposed information.
• Consider placing a fraud alert or credit freeze with major credit bureaus.

For more information about the organization, visit the Western Montana Mental Health Center website.