Esse Health Cyberattack Disrupts Healthcare Services in St. Louis
Esse Health, an independent physician group healthcare provider with 50 locations in the Greater St. Louis area in Missouri, is dealing with a cyberattack that has prevented access to its electronic medical record system. Esse Health said its offices remain open, and patients are still being served; however, some appointments have had to be cancelled and will be rescheduled when systems have been restored.
The attack has affected its phone system, which is operating in a limited capacity, with patients experiencing delays connecting calls. Patients have been advised to use the patient portal to send messages or to text the main number for their doctor’s office while the phone system is restored. Esse Health has engaged third-party specialists to assist with the forensic investigation and recovery efforts, and progress is being made in restoring its systems. At this early stage of the recovery process, it is unclear to what extent, if any, patient data has been compromised. Esse Health said that if patient data has been exposed or stolen, the affected individuals will be notified directly.
Palo Verde Hospital, California
Palo Verde Hospital in Blythe, California, has notified 594 patients about a recent security incident that caused disruption to its computer systems. The security incident was detected on March 6, 2025, and immediate action was taken to contain the incident and prevent further unauthorized access to its systems. The forensic investigation confirmed unauthorized access to its network between March 3, 2025, and March 6, 2025, and the exfiltration of files containing patient information.
The compromised information varied from patient to patient and may have included names in combination with one or more of the following: contact information, demographic information, Social Security number, date of birth, medical record number, patient account number, diagnosis and treatment information, prescription information, provider name, date(s) of service, and/or health insurance information. A limited number of patients also had their financial account and routing number exposed.
Get The FREE
HIPAA Compliance Checklist
Immediate Delivery of Checklist Link To Your Email Address
Please Enter Correct Email Address
Your Privacy Respected
HIPAA Journal Privacy Policy
Patients who had their Social Security numbers exposed have been offered complimentary credit monitoring and identity theft protection services. Additional safeguards and technical security measures have been implemented to better protect and monitor its systems.
