Mass General Data Breach

The February 2024 Data Breach at Massachusetts General Hospital

On February 14, 2024, Massachusetts General Hospital experienced a data breach involving the accidental transmission of sensitive personal information. An email containing attachments with personal details, intended for a specific recipient, was mistakenly sent to another employee. This error led to the exposure of critical personal information, although the hospital has confirmed that the unintended recipient deleted the email and there is no evidence of misuse of the data to date.

Information Exposed

The following types of consumer information were exposed in the breach:

• Full name
• Address
• Social security number

Massachusetts General Hospital's Response

Following the discovery of the data breach, Massachusetts General Hospital acted swiftly to mitigate any potential damage. The hospital contacted the employee who received the email in error and secured confirmation that the email and its attachments had been deleted. They have also implemented additional training and education for their employees to prevent similar incidents in the future. Moreover, the hospital is offering affected individuals 24 months of free credit monitoring and other services through Experian’s IdentityWorks℠ to help protect their identity and monitor their credit. More details about these services can be found here.

Recommended Actions for Affected Individuals

If you believe you were affected by this data breach, it is crucial to take the following steps to safeguard your information:

1. Place a Security Freeze: Consider placing a security freeze on your credit reports to prevent new accounts from being opened in your name. You can do this by contacting each of the three major credit reporting bureaus: Equifax, Experian, and TransUnion.
2. Review Your Account Statements: Monitor your bank and credit card statements closely for any unauthorized transactions. Report any suspicious activity immediately.
3. Check Your Credit Reports: Obtain a free credit report from AnnualCreditReport.com to check for any discrepancies or unauthorized accounts.
4. Set Up Fraud Alerts: Place a fraud alert on your credit reports, which warns creditors to verify your identity before opening new accounts in your name. Contact any one of the credit bureaus to add an alert.
5. Consult the Federal Trade Commission (FTC): For further guidance, visit the FTC’s identity theft website at www.ftc.gov/idtheft or contact them directly at 877-ID-THEFT (877-438-4338).

About Massachusetts General Hospital

Massachusetts General Hospital is committed to providing the highest quality health care and advancing it through innovative research and education. The hospital is dedicated to improving the health and well-being of the diverse communities it serves. For more information, visit their official website at massgeneral.org.

For further details on the breach and how to protect your information, please refer to the official notice to consumers provided by Massachusetts General Hospital, available here in PDF format.