St. Luke’s is a Milwaukee-based hospital subsidiary of Advocate Aurora Health. It was renamed– for the third time– in 1940 to St. Luke’s when the Lutheran Church took it under its wing. St. Luke’s was home to the first open-heart surgery in Wisconsin.
The breach was a leak of patient information. The data included social security numbers, names, addresses, birthdays, medical records, dates of service, Medicaid numbers, and, in select cases, diagnosis and treatment information.
The breach resulted from a lack of security measures on a third party’s side. This third party, called Adelanto Healthcare Ventures (AHCV), alerted St. Luke’s to the breach on the day of its occurrence. The hospital immediately launched an investigation, in which it initially appeared the hack involved no medical details. The continued search found that thousands were affected, and medical data was indeed a part of the breach.
This breach occurred on September 1, 2022.
The breach impacts certain St. Luke’s patients. We don’t know who these people are, but we know that the affected patients received a notification letter from St. Luke’s and its parent company regarding the breach.
The breach affected 16,906 individuals, which presumably, included minors. St. Luke’s has offered identity theft protection and credit monitoring free of charge to data breach victims.