By HFT Staff

Yale New Haven Health (YNHHS) recently experienced a data security incident that involved some patient information. This notice provides additional information about what happened, measures they have taken in response and offers steps patients may consider taking. 

On March 8, 2025, YNHHS identified unusual activity affecting their Information Technology (IT) systems. They immediately took steps to contain the incident and began an investigation, which included assistance from external cybersecurity experts. They also reported the incident to law enforcement. The investigation determined that an unauthorized third-party gained access to their network and, on March 8, 2025, obtained copies of certain data. 

At no point did this incident impact their ability to provide patient care. 

The information involved varied by patient, but may have included demographic information (such as name, date of birth, address, telephone number, email address, race or ethnicity), Social Security number, patient type and/or medical record number. 

YNHHS’ electronic medical record and treatment information were not involved or accessed, and no financial account or payment information was involved in this incident. 

YNHHS are continuously updating and enhancing their systems to protect the data they maintain and to help prevent events such as this from occurring in the future. 

While, to date, YNHHS is not aware of any patient information being used for identity theft or fraud, as a precaution, they are offering complimentary credit monitoring and identity protection services to individuals whose Social Security number was involved.