Cyber Incident Victim: Presbyterian Healthcare Services

Presbyterian Healthcare Services experienced a data breach impacting approximately 183,000 patients and health plan members, with unauthorized access to personal information confirmed. The incident became publicly known on August 2, 2019, when Presbyterian initiated formal notifications through mailed letters to affected individuals. While the specific date of breach discovery and the exact nature of unauthorized access were not disclosed in available reports, the organization acted to fulfill notification obligations shortly before the public announcement. The breach exposed sensitive personal data belonging to a substantial portion of Presbyterian's patient and health plan population, though the healthcare provider did not specify whether medical records or financial information were compromised in the incident.

The breach represented one of the larger healthcare-related data security events in New Mexico during that period, affecting individuals who had entrusted their information to the prominent statewide healthcare system. Presbyterian undertook a direct communication strategy by sending physical mail notifications rather than relying solely on digital alerts, indicating adherence to regulatory requirements for breach disclosure. No details were released regarding potential misuse of the exposed data or whether the incident resulted from external hacking, insider threats, or accidental exposure. The organization did not publicly describe technical response measures such as system containment procedures, forensic investigations, or security enhancements implemented post-breach. Consequences included potential risks to patient privacy and organizational reputation, though Presbyterian did not report any immediate legal or financial repercussions at the time of disclosure. The incident underscored ongoing vulnerabilities in healthcare data management affecting regional providers.