By HFT Staff

In September 2025, St. John’s Riverside Hospital became aware of potential unauthorized access to a limited number of employee email accounts for the purpose of distributing a phishing email and rerouting payment funds. Upon discovery, St. John’s Riverside Hospital promptly changed passwords, revoked session tokens, reset multifactor authentication and engaged data security and privacy professionals to assist in an investigation. There is no indication that personal information has been misused for the purposes of identity theft or fraud.  

Based on the findings of the investigation, the following types of information may have been impacted: name, date of birth, Social Security number, driver’s license or state identification number, financial account number, health insurance information, medical condition information, treatment provider name, medical record number, treatment cost information and diagnosis and/or treatment information.

Note that this describes general categories of information identified as present within the affected St. John’s Riverside Hospital accounts during the incident and includes categories that are not relevant to each individual whose information may have been present. Relatedly, if they identify additional types of impacted information, they will update their notification accordingly.  

Upon becoming aware of the incident, they conducted a thorough investigation, contained and remediated the unauthorized activity to resolve this situation. After determining there was unauthorized activity within St. John’s Riverside Hospital’s email environment, they immediately began analyzing the information involved to confirm the identities of potentially affected individuals and notify them.