A trio of healthcare providers has disclosed security incidents ranging from compromised email accounts to unauthorized network access, exposing sensitive personal and medical information for thousands of affected individuals.
Three healthcare organizations—LifePoint Health, Southwest Behavioral & Health Services, and Nottingham Village—have disclosed separate cybersecurity incidents that resulted in the exposure of sensitive personal information. While the breaches occurred under different circumstances, each organization has taken steps to notify affected individuals and strengthen security controls following the discoveries.
LifePoint Health reported unauthorized activity within its network after a user account was compromised in February 2026. Investigators determined that an unauthorized party briefly accessed internal databases containing information belonging to employees of contracted vendors. The exposed data included names, contact information, dates of birth, and Social Security numbers. The healthcare network said the intrusion was contained within 24 hours and confirmed that patients and direct employees were not affected.
Southwest Behavioral & Health Services identified suspicious activity involving six employee email accounts in April 2026. A subsequent investigation found that the accounts had been compromised, affecting 2,316 individuals. Although the organization has not disclosed the specific categories of data involved, it stated that there is currently no evidence of misuse. As a precaution, impacted individuals have been offered credit monitoring and identity protection services, while additional safeguards have been implemented to improve email security.
Meanwhile, Pennsylvania-based Nottingham Village notified 5,240 individuals about a security incident initially detected in November 2025. A lengthy investigation later confirmed that a wide range of sensitive information may have been exposed, including Social Security numbers, government-issued identification details, financial account information, medical records, and health insurance data. The assisted living and skilled nursing facility said it continues to evaluate and enhance its cybersecurity practices to reduce the risk of future incidents.
