Western Montana Mental Health Center Data Breach Exposes Sensitive Patient Information
Worried About Your Data? Talk to Data Breach Attorney today
What Happened in the WMMHC Data Breach?
On September 15, 2024, Western Montana Mental Health Center (WMMHC) discovered a significant network disruption. In response, the organization immediately launched an investigation with help from independent cybersecurity experts. Through their efforts, WMMHC quickly confirmed that unauthorized individuals had accessed certain internal files.
To ensure a complete understanding of the breach, WMMHC then hired a third-party data review team. After a comprehensive review, the team reported on May 27, 2025, that the exposed files contained sensitive personal and protected health information (PHI) of patients and clients.
What Specific Information Was Involved?
While not every individual was impacted in the same way, the types of data compromised in this breach may have included:
Full names
Social Security numbers
Dates of birth
Driver’s license numbers
State or federal identification numbers
Financial account details
Health insurance information
Medical or treatment-related records
Notification was sent to affected individuals on July 17, 2025.
What Immediate Actions Did WMMHC Take?
WMMHC responded swiftly and decisively to contain the breach and protect affected individuals. Here’s what the organization did:
Engaged cybersecurity professionals to investigate and secure its systems
Notified the Federal Bureau of Investigation (FBI) and pledged full cooperation with any ongoing inquiries
Implemented system-wide security upgrades to prevent future incidents
Retained third-party data analysts to identify individuals whose data was involved
Most importantly, WMMHC is offering complimentary identity protection services to impacted individuals through IDX, a well-known identity protection provider.
What Should You Do Right Now?
If you suspect your data may have been compromised—or even if you’re unsure—taking the following steps can greatly reduce the risk of identity theft or fraud:
1. Review Financial Accounts and Credit Reports
Start by examining your bank accounts, credit card statements, and medical bills. If you notice unusual activity, contact your financial institution immediately.
2. Request Your Free Credit Report
You’re entitled to a free credit report every 12 months from each major credit bureau:
Equifax: www.equifax.com | 1-800-525-6285
Experian: www.experian.com | 1-888-397-3742
TransUnion: www.transunion.com | 1-800-916-8800
Visit www.annualcreditreport.com or call 1-877-322-8228 to request your report.
3. Place a Fraud Alert on Your Credit File
By contacting any one of the three credit bureaus, you can add a fraud alert to your credit file. This alert stays active for one year and notifies creditors to take extra steps before issuing credit in your name.
4. Consider a Credit Freeze for Maximum Security
A security freeze adds another layer of defense. It prevents new credit accounts from being opened in your name unless you lift the freeze using your unique PIN. While this may slow down certain financial processes, it offers strong protection against unauthorized activity.
To place a freeze, contact each credit bureau individually and provide the following:
Full name
Social Security number
Date of birth
Proof of address (e.g., a utility bill)
A copy of your government-issued ID