Cyber Incident Victim: Saint Alphonsus Health System
Date: May 2016
Location: United States of America
Summary
A phishing attack compromised the W-2 tax forms of approximately 2,800 employees at Saint Agnes Medical Center, exposing sensitive personal information to scammers. The medical center confirmed no patient data or internal systems were breached during the incident. Law enforcement agencies, including the FBI and state Attorney General's office, initiated investigations into the identity theft scheme. Affected staff were offered complimentary identity theft monitoring services for one year as mitigation.
Description
In early May 2016, Saint Agnes Medical Center in Fresno, California, disclosed a security breach affecting its workforce. Scammers successfully executed an email phishing attack targeting the hospital's systems, resulting in unauthorized access to W-2 tax forms for all current employees. The compromise impacted 2,800 individuals whose sensitive financial and personal details were exposed. Hospital administration confirmed the breach occurred earlier that week and emphasized the incident remained confined to employee data without affecting medical infrastructure or patient records. Authorities including the FBI and California Attorney General's office initiated investigations into the attack. Hospital representatives characterized the event as a localized incident while maintaining that critical medical systems operated without compromise throughout the breach period.

The theft of W-2 documents placed affected employees at significant risk of financial fraud and identity theft due to exposure of Social Security numbers, income details, and other tax-related information. Saint Agnes responded by offering complimentary enrollment in an identity protection monitoring service for twelve months to all impacted personnel. While confirming the integrity of patient care systems and medical records, the hospital provided no public details regarding the phishing mechanism's technical execution or the timeframe between intrusion detection and disclosure. The breach investigation remained active with federal and state law enforcement involvement as affected employees faced potential long-term consequences from the exposure of their sensitive tax information.
