Ascension Borgess says patient information may have been breached through a former business partner.
In a statement Monday, Ascension said personal information such as social security numbers, addresses and birth dates may have been stolen from this partner.
"On December 5, 2024, Ascension learned that information belonging to our patients may have been involved in a potential security incident," the statement read.
"Our investigation determined on January 21, 2025 that Ascension inadvertently disclosed information to a former business partner, and some of this information was likely stolen from them due to a vulnerability in third-party software used by the former business partner."
The healthcare organization said the breach affected sites in five states including Michigan, though it did not say exactly which ones.
Ascension added that it will provide free credit monitoring and identity theft protection services to affected individuals.
Michael Symonds reports for WMUK through the Report for America national service program.
