UPDATED: January 6, 2026

St. John’s Riverside Hospital Data Breach

St. John’s Riverside Hospital detected a data breach in September 2025, caused by unauthorized access to employee email accounts, which may have exposed personal information. While no fraud has been reported, affected individuals are encouraged to take protective measures and may be eligible to file a class action lawsuit for compensation. Contact Class Action U for a free consultation to discuss your legal options.

St. John’s Riverside Hospital

Date of Breach: September 2025

Who was affected:

Clients of St. John’s Riverside Hospital

Impacted Data:

Name

Date of Birth

Social Security Number

Driver’s License or State Identification Number

Financial Account Number

Health Insurance Information

Medical Condition Information

Treatment Provider Name

St. John’s Riverside Hospital recently informed individuals of a data breach that resulted from unauthorized access to a limited number of employee email accounts. While the breach appears to be related to a phishing attempt, no personal information has been misused for identity theft or fraud. However, affected individuals should be aware of their rights and consider exploring legal options for compensation.

St. John’s Riverside Hospital’s Data Breach Investigation

In September 2025, St. John’s Riverside Hospital became aware of unauthorized access to a limited number of employee email accounts. The attacker’s goal was to distribute phishing emails and reroute payment funds. Upon discovery of the incident, the hospital immediately took steps to protect its systems. These steps included changing passwords, revoking session tokens, resetting multifactor authentication, and engaging data security and privacy experts to investigate the breach.

Although the hospital quickly contained the unauthorized access, the breach still exposed sensitive information stored within the affected email accounts. While there is no evidence that personal information has been misused for identity theft or fraud, the incident raises concerns about potential future risks for affected individuals.

When Did This Breach Occur?

The breach was first detected in September 2025 when St. John’s Riverside Hospital identified suspicious activity within a limited number of employee email accounts. The breach involved unauthorized access for the purpose of distributing phishing emails and rerouting payment funds. The hospital promptly took action to address the situation once it was discovered.

What Information Was Breached?

The following types of personal information may have been impacted during the breach:

Name
Date of Birth
Social Security Number
Driver’s License or State Identification Number
Financial Account Number
Health Insurance Information
Medical Condition Information
Treatment Provider Name
Medical Record Number
Treatment Cost Information
Diagnosis and/or Treatment Information

It is important to note that not all of the listed categories of information are relevant to each individual whose information may have been affected. The hospital is continuing its investigation and will provide updates if additional information is identified as compromised.

What You Can Do

If you were affected by this breach, it’s essential to take steps to protect your personal information. Here are some actions you can take:

Monitor Your Credit Reports: You are entitled to one free credit report annually from each of the three major credit bureaus. Review your credit reports regularly for any suspicious activity or errors.
Review Your Account Statements: Regularly check your bank and credit card statements for unauthorized transactions. If you spot any unusual activity, report it to the relevant financial institutions immediately.
Report Suspicious Activity: If you identify any fraudulent or suspicious activity, contact your financial institutions and law enforcement right away to mitigate potential damage.
Enroll in Credit Monitoring Services: If offered, consider enrolling in credit monitoring services to stay informed of any changes to your credit file that may indicate fraud or misuse of your information.
Stay Alert for Phishing Scams: Be cautious of any emails, calls, or messages attempting to exploit the data exposed during the breach. Do not share personal information unless you are certain of the request’s legitimacy.

Remaining vigilant and proactive can help prevent further misuse of your personal information.

File a Data Breach Lawsuit Against St. John’s Riverside Hospital

If you were impacted by this breach and your personal information was exposed, you may be entitled to compensation for any harm caused. Data breaches like this can lead to identity theft, financial loss, and emotional distress, and victims may have the right to seek restitution.

If you were affected by this breach, Class Action U can connect you with an attorney who specializes in class action lawsuits related to data breaches. By filing a class action lawsuit, you can seek compensation for the damages caused by St. John’s Riverside Hospital’s failure to secure personal information properly.

Contact us at Class Action U for a free consultation to determine if you have a case. Fill out our quick, easy, and secure form to get started, and our legal partners will guide you through the process. There is no cost to reach out, and there’s no obligation after speaking with one of our specialists.

Subscribe To Our Newsletter

New cases and investigations, settlement deadlines, and news straight to your inbox.

Other Data Breaches

Share Ourselves Data Breach

Date of Breach: October 2, 2025

Dot Foods and Dot Transportation Data Breach

Date of Breach: December 3, 2025

Brett Robinson Data Breach

Date of Breach: April 21, 2025

Frequently Asked Questions

What Should I Do If I Believe My Data Has Been Breached?

A data breach occurs when sensitive, confidential, or protected information is accessed, stolen, or disclosed without authorization. Data breaches often occur through phishing emails, malware, weak passwords, insider threats, or unsecured databases. Indicators of a data breach can include unexpected password resets, suspicious account activity, unauthorized transactions, or notifications from companies about compromised information.If you suspect your data has been compromised, you must take measures and act quickly. Change passwords, enable two-factor authentication, review your financial accounts for unusual activity and consider freezing your credit.

What Happens to Your Data in a Data Breach?

Once stolen, your personal information may be sold on the dark web or used for identity theft and financial fraud. In some cases, hackers use the data to extort companies or launch further attacks. Victims often face long-term risks, including damage to credit and privacy.

How Should I Respond to a Data Breach Notification?

If you receive a data breach notification, don’t ignore it. Immediately change passwords for the affected account and any others that share credentials. Enroll in any free credit monitoring services offered and monitor financial statements closely.

What Evidence is Needed for a Data Breach Claim?

To pursue a data breach claim, you’ll need documentation showing your information was compromised and proof of resulting harm, such as fraudulent charges, credit score damage, or identity theft reports. Notification letters, financial records, and communication with the breached company can help support your claim.

Can a Company Be Sued for a Data Breach?

Yes. If a company fails to protect consumer data or delays notifying victims, it may be held liable under state and federal privacy laws. Many victims join class action lawsuits to recover financial losses and hold negligent organizations accountable.

What is the Average Settlement in a Data Breach Lawsuit?

Data breach settlements vary widely depending on the size of the breach, type of data compromised, and damages suffered by victims. Payouts may include cash compensation, identity theft protection, or reimbursement for losses. Many settlements range from a few hundred to several thousand dollars per person. A skilled data breach lawyer can guide victims through the complex legal process, ensuring their rights are protected. If you’ve received a data breach notification or believe your personal data was exposed, you may be eligible for compensation. Contact Class Action U to learn more about how to join a data breach lawsuit and understand the process of filing.