Mass General Data Breach

Incident Overview

On February 14, 2024, Massachusetts General Hospital experienced a data breach where an email containing sensitive personal information was mistakenly sent to an incorrect employee. The attachments included in the email contained the full names, addresses, and social security numbers of certain individuals. The error was identified on the same day, and immediate actions were taken to mitigate any potential damage.

Information Exposed

The types of consumer information inadvertently disclosed include:

• Full name
• Address
• Social security number

Mass General's Response

Upon discovering the breach, Massachusetts General Hospital promptly ensured that the unintended recipient deleted the email and attachments. They have confirmed that there has been no improper use of the exposed information to date. The hospital has also implemented enhanced security measures to prevent similar incidents in the future. Additionally, they are offering affected individuals 24 months of free credit monitoring services through Experian’s IdentityWorks.

Steps to Take if You Are Affected

If you believe your information was involved in this breach, there are several steps you can take to protect yourself:

• Place a Security Freeze: You can contact major credit bureaus to place a freeze on your credit reports, which prevents creditors from accessing your credit report without your permission. This can help prevent identity thieves from opening new accounts in your name.
• Equifax
• Experian
• TransUnion

• Review Your Account Statements: Monitor your financial statements and immediately report any suspicious activity to your financial institution.
• Check Your Credit Reports: Obtain a free annual credit report from AnnualCreditReport.com and review it for discrepancies.
• Set Up a Fraud Alert: Place a fraud alert on your credit reports, which warns creditors to verify your identity before opening new accounts in your name.
• Consult the Federal Trade Commission (FTC): For further guidance, visit the FTC’s identity theft website at www.ftc.gov/idtheft.

About Massachusetts General Hospital

Massachusetts General Hospital is dedicated to providing top-tier health care in a safe, compassionate environment. They are committed to advancing health care through research and education while improving the well-being of the diverse communities they serve. More information about their mission and services can be found on their official website.

For further details about the breach and the steps Massachusetts General Hospital is taking, you can access the official notice to consumers here.