Esse Health Data Breach Impacts 263,000+ Patients
▼ Summary
– Esse Health, a major St. Louis healthcare provider, notified over 263,000 patients of a cyberattack in April 2025 that stole personal and health data.
– The breach occurred when attackers accessed the network on April 21, disrupting patient-facing systems and phone services until June 2.
– Stolen data included names, addresses, health insurance details, and medical record numbers, but no social security numbers or NextGen system breaches were found.
– Affected patients are offered free identity protection services if they enroll by September 25, 2025, and are advised to monitor for fraud.
– The prolonged recovery and data theft suggest a ransomware attack, though no group has claimed responsibility.
A major data breach at Esse Health has compromised sensitive information belonging to more than 263,000 patients, raising concerns about potential identity theft and fraud risks. The St. Louis-based healthcare provider, which operates 50 facilities across the region, discovered unauthorized network access in April that led to the theft of personal and medical records.
The cyberattack disrupted critical systems for weeks, forcing the organization to take patient-facing networks offline until early June. During this period, communication channels including phone services and online portals were temporarily unavailable. Investigators confirmed that an intruder accessed and copied files containing patient data, though the electronic medical records system remained secure.
Compromised information includes names, addresses, dates of birth, insurance details, and medical identifiers, according to breach notifications sent to affected individuals. While Social Security numbers were not exposed, the stolen data could still be exploited for fraudulent activities. Esse Health is offering free identity monitoring through IDX, a data recovery specialist, for those who enroll before September 2025.
Though the healthcare group has not officially classified the incident as ransomware, the extended recovery timeline and system encryption point to a likely ransomware attack. No hacking group has publicly taken responsibility, leaving questions about the attackers’ motives unresolved.
Patients are urged to scrutinize financial statements and credit reports for unusual activity. Esse Health has not provided additional details regarding the attack vector or security improvements implemented since the breach.
(Source: Bleeping Computer)
