Loretto Hospital Data Breach Notice Confirms Ransomware Attack Affects

Published
April 5, 2025
Updated
April 5, 2025
Loretto Hospital Data Breach Notice Confirms Ransomware Attack Affects
Loretto Hospital
Types of INFORMATION affected
  • Names
    Names
  • Social security numbers
    Social Security Numbers
  • Dates of birth
    Dates of Birth
  • Addresses
    Addresses
  • Government IDs
    Government IDs
  • Medical Information
    Medical Info
  • Financial Info
    Financial Info

Affected by the

Loretto Hospital

data breach?

Join the Lawsuit

It's free to join. 

Between January 17, 2025 and February 1, 2025, Loretto Hospital experienced a data breach involving unauthorized access to its computer network. The breach was caused by the ransomware group known as RansomHouse, which claimed responsibility for the incident on March 10, 2025, via the dark web network Tor. According to RansomHouse, approximately 1.5 terabytes (TB) of sensitive data were stolen from the hospital's systems.

During the breach, the ransomware group accessed and copied files stored on Loretto Hospital's network. Additionally, the hospital reported that some patient data entered into the electronic medical record system between the evening of February 2, 2025, and the afternoon of February 3, 2025, was not saved. Although Loretto Hospital worked diligently to restore and recover as much data as possible, some patient records may not have been fully recovered or recreated.

At this time, the hospital is still conducting a thorough review of the compromised files to determine exactly what information was exposed and to whom it relates. As a healthcare provider and employer, Loretto Hospital stores various types of sensitive information, including personally identifiable information (PII) such as names, addresses, Social Security numbers, and dates of birth, as well as protected health information (PHI) such as medical records, diagnoses, treatments, and insurance details. However, the specific types of information exposed in this breach have not yet been confirmed.

Loretto Hospital's response

Upon discovering the breach, Loretto Hospital quickly initiated an investigation into the suspicious network activity. The hospital is actively working with cybersecurity experts to assess the security of its network and to implement enhanced protective measures. In addition, Loretto Hospital has notified federal law enforcement authorities and will inform relevant regulators as required by law.

To assist individuals potentially affected by this incident, Loretto Hospital has provided detailed guidance on how to protect personal information from misuse. The hospital advises individuals to remain vigilant by regularly reviewing their account statements, explanation of benefits statements, and monitoring free credit reports for suspicious activity. If suspicious activity is detected, it should be promptly reported to the relevant insurance company, healthcare provider, or financial institution.

Loretto Hospital has published a comprehensive Notice of Data Security Incident on its official website, outlining additional steps individuals can take to protect themselves, such as placing fraud alerts or credit freezes on their credit files. For further questions or concerns, affected individuals can contact the hospital directly via email at cyber.incident@lorettohospital.org, or by mail addressed to: Loretto Hospital, Attn: Information Systems CIO, 645 South Central Avenue, Chicago, IL 60644.

For more information about Loretto Hospital and its services, visit the hospital's official website at lorettohospital.org.

Notice Letter

This browser does not support inline PDFs. Please download the PDF to view it: Download PDF

Affected Entity
Loretto Hospital
Consumers Notification date
Date of Breach
Breach Discovered Date
Total People Affected
Information Types Exposed
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image