.png)
St. John's Riverside Hospital Data Breach Lawsuit Investigation
Shamis & Gentile P.A., one of the nation's premier class action law firms specializing in data breach cases, is investigating the St. John’s Riverside Hospital data breach.
If you were affected by the data breach, your sensitive personally identifiable information may have been exposed, and you may be eligible for compensation.
About St. John’s Riverside Hospital
St. John’s Riverside Hospital is a private, community-based hospital system located in Yonkers, New York. Founded in 1869, it was the first hospital in Westchester County and has grown to operate multiple facilities, including the Andrus Pavilion, ParkCare Pavilion, and the Michael N. Malotz Skilled Nursing Pavilion.
The hospital is accredited by the New York State Department of Health and the Joint Commission.
What Happened?
In September 2025, St. John’s Riverside Hospital discovered unauthorized access to certain employee email accounts. The breach was reportedly part of an attempt to distribute phishing emails and reroute payment funds.
Upon learning of the incident, the hospital took immediate steps to reset passwords, revoke session tokens, and enhance security measures. Data security and privacy professionals were engaged to investigate the situation.
Possible Information Exposed
- Name
- Date of birth
- Social Security number
- Driver’s license or state identification number
- Financial account number
- Health insurance information
- Medical condition information
- Treatment provider name
- Medical record number
- Treatment cost information
- Diagnosis and/or treatment information
According to official disclosures, the breach affected 2,238 individuals in the United States. St. John’s Riverside Hospital reported this incident to the U.S. Department of Health and Human Services on Nov. 14, 2025, and posted a Notice of Data Breach on its website.
Your Rights and Next Steps
If you received a notice about the St. John’s Riverside Hospital data breach or believe your information may have been involved, you have important rights and options. You may be entitled to seek compensation for any harm or inconvenience caused by this cybersecurity incident.
- Communication and credit monitoring services: Review and save any notification letters you receive. Enroll in free credit monitoring and identity protection services, if offered.
- Monitor your accounts carefully: Check your financial statements regularly for suspicious activity or unauthorized transactions. If you notice anything unusual, contact your financial institution immediately.
- Fraud alert and credit reports: A fraud alert informs creditors to take extra steps to verify your identity before opening new accounts in your name. Consumers are also entitled to one free credit report annually from each credit bureau. You can request a fraud alert or a credit report by contacting any one of the three major credit bureaus.
- Seek legal help: Lawyers are ready to help you understand your rights and pursue compensation.
You May Be Entitled to Compensation
If your information was exposed in the St. John’s Riverside Hospital data breach, you may be eligible for compensation, which could include reimbursement for out-of-pocket expenses, time spent addressing the breach, or payment for emotional distress.
Data breach laws provide protections and remedies for individuals whose sensitive information is compromised due to a company’s failure to safeguard data. To find out if you qualify and to join a lawsuit, complete the form below.
.svg)