Lone Peak Psychiatry Data Breach Exposes Patient Medical Records
Lone Peak Psychiatry, a Utah-based mental health practice, has reported a data breach that may have compromised sensitive patient information, including medical records. The incident was disclosed in an April 13, 2026, filing with the Massachusetts Office of Consumer Affairs and Business Regulation, which confirmed at least one state resident was affected.
Notifications to impacted individuals began on April 7, 2026, via first-class mail. However, the breach notification lacks key details, including the exact timeline of the incident, how it was discovered, or which systems were compromised. While the filing specifies that medical records were exposed, the full scope of affected data such as names, addresses, or other personal details remains unclear. The total number of individuals impacted nationwide has not been publicly disclosed.
In response, Lone Peak Psychiatry is offering affected patients 24 months of complimentary credit monitoring through Cyberscout, a TransUnion subsidiary. Services include single-bureau credit monitoring, a credit report, and a credit score. Enrollment requires a unique code from the notification letter and must be completed within 90 days. The practice has also set up a dedicated helpline (1-800-405-6108) for breach-related inquiries, staffed by fraud specialists Monday through Friday, 8 a.m. to 8 p.m. Eastern time, for 90 days post-notification. Additional support includes proactive fraud assistance and guidance on placing or lifting credit freezes with Equifax, Experian, and TransUnion.
Source: https://www.claimdepot.com/data-breach/lone-peak-psychiatry-2026
Lone Peak Psychiatry cybersecurity rating report: https://www.rankiteo.com/company/lone-peak-psychiatry
"id": "LON1776206073",
"linkid": "lone-peak-psychiatry",
"type": "Breach",
"date": "4/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Mental Health',
'location': 'Utah, USA',
'name': 'Lone Peak Psychiatry',
'type': 'Healthcare Provider'}],
'customer_advisories': '24 months of complimentary credit monitoring via '
'Cyberscout, fraud assistance, credit freeze guidance',
'data_breach': {'personally_identifiable_information': 'Potentially included '
'(names, addresses)',
'sensitivity_of_data': 'High (medical records)',
'type_of_data_compromised': 'Medical records, potentially '
'personally identifiable '
'information'},
'date_publicly_disclosed': '2026-04-13',
'description': 'Lone Peak Psychiatry, a Utah-based mental health practice, '
'reported a data breach that may have compromised sensitive '
'patient information, including medical records. The breach '
'was disclosed in an April 13, 2026, filing with the '
'Massachusetts Office of Consumer Affairs and Business '
'Regulation, confirming at least one state resident was '
'affected. Notifications to impacted individuals began on '
'April 7, 2026, via first-class mail. The breach notification '
'lacks details on the incident timeline, discovery method, or '
'compromised systems. While medical records were exposed, the '
'full scope of affected data remains unclear.',
'impact': {'data_compromised': 'Medical records, potentially names, '
'addresses, or other personal details',
'identity_theft_risk': 'High (due to medical records exposure)'},
'references': [{'source': 'Massachusetts Office of Consumer Affairs and '
'Business Regulation'}],
'regulatory_compliance': {'regulatory_notifications': 'Filed with '
'Massachusetts Office '
'of Consumer Affairs '
'and Business '
'Regulation'},
'response': {'communication_strategy': 'First-class mail notifications, '
'dedicated helpline, credit monitoring '
'offer',
'third_party_assistance': 'Cyberscout (TransUnion subsidiary)'},
'title': 'Lone Peak Psychiatry Data Breach Exposes Patient Medical Records',
'type': 'Data Breach'}