MediCopy Data Breach Exposes Social Security Numbers and Medical Records

Healthcare data breach illustration
Breach Discovery: 2nd February 2026Breach Notification: 2nd February 2026

What Happened in the MediCopy Data Breach?

The MediCopy data breach involved unauthorized access to a cloud-based file sharing platform used by MediCopy, a health information management vendor. MediCopy handles release of information services for hospitals and clinics across the country. This includes Deaconess Health System, a healthcare provider based in Evansville, Indiana.

According to the notification posted by Deaconess, an unauthorized actor accessed MediCopy’s system on Jan. 13, 2026. During this intrusion, the attacker downloaded files tied to release of information requests. These requests are the formal process healthcare providers use to share patient records with insurers, attorneys and other authorized parties. As a result, files that patients may never have known existed on a third-party platform were exposed.

MediCopy discovered the incident and notified Deaconess on Feb. 2, 2026, roughly three weeks after the unauthorized access occurred. Once notified, Deaconess launched an investigation alongside MediCopy to determine the scope of the exposure. This review focused on identifying exactly which individuals had information contained in the downloaded files.

Importantly, the investigation confirmed that Deaconess’s own IT systems and electronic medical record system were not affected. Instead, the breach was isolated entirely to MediCopy’s cloud-based platform. This distinction matters because it shows the exposure originated with a vendor rather than with Deaconess directly.

Who was affected?

The MediCopy data breach affected patients whose records were involved in release of information requests processed through MediCopy. Specifically, the incident was limited to certain patients of Deaconess Henderson Hospital in Henderson, Kentucky, and Deaconess Union County Hospital in Morganfield, Kentucky, along with their surrounding clinics.

The total number of affected individuals has not been publicly disclosed. However, because the breach involves patient medical records, it likely touches a wide range of people, including those who received treatment, underwent testing or had records requested by insurers or legal representatives.

Because this breach happened at a third-party vendor, many affected patients may not have realized their information was ever stored on MediCopy’s platform. This is a common issue with vendor breaches. Patients often only learn about the exposure after receiving a notification letter, since they never directly interacted with the vendor themselves.

What Information Was Potentially Exposed?

The specific data exposed in the MediCopy data breach varies from person to person. This is because the exposure depended on which records were included in each individual release of information request. Still, the notification outlines several categories of information that may have been compromised.

  • Full names
  • Social Security numbers
  • Dates of birth
  • Medical record numbers
  • Dates of service
  • Health insurance identification numbers
  • Medical records related to treatment at Deaconess facilities

Because Social Security numbers and medical record details were involved, affected individuals face a meaningful risk of identity theft. Criminals can use Social Security numbers to open new credit accounts, file fraudulent tax returns or apply for loans in someone else’s name. As a result, this type of exposure often has long-lasting consequences if left unaddressed.

In addition to identity theft, the exposure of medical information raises the risk of medical identity fraud. For example, someone could use a stolen health insurance ID number to receive treatment or obtain prescriptions under another person’s name. This can lead to inaccurate medical records and unexpected bills for the actual patient.

What is the company doing?

After learning of the breach, Deaconess reported the incident to relevant regulatory agencies. The health system then began the process of directly notifying affected patients by mail. These letters explain the details of the incident and provide instructions for enrolling in protective services.

As part of its response, Deaconess is offering complimentary credit monitoring and identity protection services to affected patients. The health system has also urged patients to stay alert by regularly reviewing account statements and credit reports. Furthermore, Deaconess has established a dedicated toll-free call center to answer questions from concerned patients.

The call center can be reached at 1-844-558-4567 and is staffed Monday through Friday from 9 a.m. to 5 p.m. Central Time. This gives affected individuals a direct channel to ask questions about their specific exposure and available protections.

What Should Affected Individuals Do?

Place a Fraud Alert or Credit Freeze

Because Social Security numbers were exposed, affected individuals should consider placing a fraud alert or credit freeze immediately. This can be done by contacting Equifax, Experian and TransUnion directly. Doing so helps prevent criminals from opening new accounts using stolen personal information.

A credit freeze restricts access to your credit file, which makes it harder for identity thieves to open accounts in your name. In contrast, a fraud alert simply requires lenders to take extra steps to verify your identity. Either option adds a meaningful layer of protection while you monitor for signs of misuse.

Monitor Credit Reports for Unfamiliar Activity

Affected individuals should request free credit reports through AnnualCreditReport.com. From there, it’s important to carefully review each report for accounts, inquiries or other activity that looks unfamiliar. Catching suspicious activity early can prevent more serious financial damage down the line.

Because credit monitoring services are being offered free of charge, affected patients should take advantage of this benefit. These services can alert you quickly if new accounts or inquiries appear on your credit file. As a result, you may be able to respond to fraud attempts before they cause lasting harm.

Watch for Medical Identity Fraud

Since medical record numbers and health insurance identification numbers were exposed, patients should closely monitor their Explanation of Benefits statements. These documents list services, prescriptions or equipment billed to your insurance. If you notice anything you didn’t receive, this could indicate medical identity fraud.

Medical identity fraud can be especially difficult to untangle because it affects both your finances and your medical records. For this reason, it’s important to report any discrepancies to your insurer right away. Acting quickly can help limit the damage and correct your medical history before it causes treatment errors.

Stay Alert for Phishing Attempts

Scammers often use data breach notifications as an opportunity to target victims with phishing attempts. Because of this, affected individuals should be cautious of unexpected emails, calls or letters referencing MediCopy or Deaconess. Legitimate notifications will never ask for sensitive information over the phone or via email.

If you receive a suspicious message referencing this breach, avoid clicking links or providing personal details. Instead, verify the communication by calling Deaconess directly through its official contact number. This simple step can prevent scammers from taking advantage of an already stressful situation.

Check Social Security Statements Regularly

Given that Social Security numbers were involved in this breach, individuals should check their Social Security statements at ssa.gov. This allows you to spot unfamiliar earnings or benefits activity tied to your account. Early detection can help you report misuse before it escalates.

If you notice suspicious activity on your Social Security statement, report it immediately to the Social Security Administration. In addition, consider speaking with a data breach attorney to understand your legal options. A free case evaluation can help clarify whether you may be entitled to compensation for the exposure of your personal information.



More Information

Official Notice from Medicopy

Official Notice from Deaconess

Related Data Breaches