Cyber Incident Victim: Dartmouth-Hitchcock
Date: Oct 2013
Location: United States of America
Summary
A phishing attack compromised employee names and direct deposit bank account information through unauthorized access to an internal payment system at Dartmouth-Hitchcock. Social Security numbers were potentially accessible but not confirmed to have been accessed. The organization notified affected individuals, prompted password changes, and provided credit monitoring services while advising banking precautions and fraud alerts.
Description
The Dartmouth-Hitchcock breach occurred between October 6 and December 2, 2013, when unauthorized individuals accessed the Employee Self Service Direct Deposit Payment System. This access followed successful phishing attempts targeting some employees, though the specific methods used in the phishing campaign were not detailed. Dartmouth-Hitchcock discovered the breach on December 2, 2013, and promptly initiated response actions by contacting affected employees via telephone on or around December 3. During these calls, employees were instructed to change their passwords to secure their accounts. The organization formally notified the New Hampshire Attorney General’s Office about the incident in a letter dated January 20, 2014, confirming the timeline of unauthorized access and the nature of the compromised data.

Compromised information included employee names and direct deposit bank account details. Dartmouth-Hitchcock’s forensic investigation determined that Social Security numbers could also have been accessed through the breached system, though no evidence indicated this specific data category was actually viewed or exfiltrated. On January 20, 2014, Dartmouth-Hitchcock mailed notification letters to affected employees, disclosing the full scope of potentially exposed information and outlining remedial measures. The organization offered free credit monitoring services to impacted individuals and advised them to place fraud alerts on their credit reports. Employees were also encouraged to contact their financial institutions to assess whether bank account closures or changes were necessary. The breach exclusively affected employees utilizing the direct deposit system, with no mention of patient data involvement in the incident.
