CHC Data Breach Exposed Over One Million Patients’ Information

Community Health Center, Inc. (CHC) suffered a major data breach that exposed the personal information of over one million people. The incident came to light on January 2, 2025, when CHC noticed unusual network activity and launched an investigation with cybersecurity professionals.
Findings revealed that a sophisticated attacker had gained unauthorized access to CHC’s systems and either viewed or extracted sensitive patient data. The exposed information included full names, addresses, dates of birth, Social Security numbers, phone numbers, email addresses, lab results, medical diagnoses, treatment records, and health insurance details. Affected individuals included current and former patients, along with those who had undergone COVID-19 testing or vaccination at CHC facilities.
CHC clarified that the attacker did not use ransomware and no data was deleted, allowing normal operations to continue. The intruder’s access was reportedly terminated within a few hours, and CHC has stated that no lingering threats remain.
At this time, CHC has not identified the perpetrator, and no cybercriminal group has claimed responsibility or attempted extortion in connection with the breach.