By HFT Staff

On February 5, 2026, Cottage Hospital began mailing notification letters to certain patients whose information was involved in a data security incident. 

On December 8, 2025, Cottage Hospital learned that an unauthorized party gained access to its computer network and took some of its files. It immediately began an investigation and ultimately determined that the unauthorized party accessed its computer network between October 14, 2025, and October 21, 2025. This incident was limited to files on one of its file servers and did not involve unauthorized access to its electronic health records system. Further, this incident did not disrupt its operations or ability to care for its patients. 

Through Cottage Hospital’s ongoing review, it identified files that contain patient information, including patients’ names and one or more of the following: contact information, dates of birth, health insurance information, provider names, internal patient identification numbers, dates of service, medication information and treatment and/or diagnostic information. 

To help prevent a similar incident, Cottage Hospital will continue to implement and evaluate enhanced safeguards and security measures to further protect its systems and continue to provide security training to its employees.