Cyberattack at MCG Health Affected over 1.1M Patient Records, Lawsuits Filed.

July 29, 2022


More than 10 U.S. health care systems were breached during a cyberattack of Seattle-based MCG Health, affecting up to 1.1 million patients, HIPAA Journal reports. MCG Health, a subsidiary of Hearst Health, is facing multiple class-action lawsuits as a result of the breach, during which an “unauthorized third party” obtained patient files that included names, Social Security numbers, medical codes, mailing addresses, telephone numbers and email addresses. The lawsuits allege MCG Health acted negligently by failing to recognize the breach for at least two weeks - while one lawsuit alleges hackers gained access to data 2 years before the hack was discovered.

Incident Date

March 25, 2022

Estimated Cost

No cost values disclosed.


Type of Malware

No Malware identified

Threat Source

No threat source identified