What Happened?
In December 2024, Sturgis Hospital detected unauthorized activity in part of its computer network. Immediately, the company partnered with leading third-party cybersecurity experts to investigate and remediate the issue.
However, during that investigation, the company discovered additional unauthorized activity in June 2025. A separate team of experts was brought in to analyze the second incident and contain the intrusion.
After completing both investigations, Sturgis Hospital determined that an unauthorized third party may have accessed or acquired certain files containing sensitive information.
What Information was taken?
Based on the investigation, the unauthorized party potentially accessed or acquired a limited set of personal data belonging to patients and employees. Impacted information may have included:
Full name and contact information
Government identification numbers (including Social Security numbers)
Financial account details (such as bank account numbers)
Health insurance information
Clinical records, including prescriptions, treatment details, and medical history
This means both personal and health-related information could have been exposed.
What Sturgis Hospital Is Doing to Protect Individuals
If you may have been affected by theĀ data breach, you should take proactive steps to safeguard your information:
1. Monitor Financial Accounts
Regularly review bank, credit card, and health insurance statements for unauthorized activity.
2. Check Free Credit Reports
You can request free credit reports from Equifax, Experian, and TransUnion at AnnualCreditReport.com.
3. Place a Fraud Alert or Security Freeze
Protect your credit file by placing a fraud alert or a security freeze. Both are free and help block fraudulent activity.
4. Report Suspicious Activity
If you detect fraud or identity theft, report it immediately to law enforcement and the Federal Trade Commission (FTC) at IdentityTheft.gov.
Legal Options After a Data Breach
If your personal or health information was exposed in the Sturgis Hospital data breach, you may have legal rights. In many cases, victims of a data breach can seek compensation for:
Time spent securing accounts
Costs related to identity theft or fraud
Emotional distress caused by the exposure of sensitive information
Because data breach cases can be complex, it may help to speak with a data breach attorney. An experienced lawyer can explain your rights, review your situation, and advise whether you may be entitled to compensation.