**Millcreek Healthcare Data Breach Exposes Sensitive Patient Information**
Millcreek, a healthcare provider, recently disclosed a data breach involving unauthorized access to its network, potentially compromising sensitive personal and health information. The incident was detected on or around February 25, 2025, prompting an immediate investigation.
Millcreek confirmed that an unauthorized third party accessed or acquired data between February 17 and February 25, 2025. The exposed information varies by individual but may include names, Social Security numbers, dates of birth, driver’s license numbers, medical record details, diagnosis information, treatment records, and healthcare claims data.
On November 21, 2025, Millcreek published a breach notice on its website and began mailing notifications to affected individuals. The company also filed an official report with the U.S. Department of Health and Human Services’ Office for Civil Rights. As part of its response, Millcreek is offering impacted individuals complimentary credit monitoring services and details on the specific data exposed.
Source: https://straussborrelli.com/2025/12/09/millcreek-pediatrics-data-breach-investigation/
MILLCREEK OUTCOMES GROUP LLC cybersecurity rating report: https://www.rankiteo.com/company/millcreek-outcomes-group-llc
"id": "MIL1765346561",
"linkid": "millcreek-outcomes-group-llc",
"type": "Breach",
"date": "12/2025",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Impacted individuals identified '
'through review',
'industry': 'Healthcare',
'name': 'Millcreek',
'type': 'Healthcare Provider'}],
'attack_vector': 'Unauthorized Access',
'customer_advisories': 'Breach notification letters mailed to impacted '
'individuals',
'data_breach': {'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Name',
'Social Security number',
'Date of birth',
'Driver’s license number and/or '
'state identification number',
'Medical record number',
'Patient identification number',
'Diagnosis/conditions '
'information',
'Provider information',
'Dates of service',
'Healthcare claims information',
'Clinical/treatment '
'information']},
'date_detected': '2025-02-25',
'date_publicly_disclosed': '2025-11-21',
'description': 'Millcreek experienced a data breach in which sensitive '
'personal identifiable information and protected health '
'information may have been compromised due to unauthorized '
'access to its network.',
'impact': {'data_compromised': 'Sensitive personal identifiable information '
'and protected health information',
'identity_theft_risk': 'High',
'systems_affected': 'Network systems'},
'investigation_status': 'Completed',
'recommendations': 'Providing affected individuals with complimentary credit '
'monitoring services',
'references': [{'source': 'Millcreek Breach Notice'}],
'regulatory_compliance': {'regulations_violated': 'HIPAA',
'regulatory_notifications': 'Filed notice with the '
'U.S. Department of '
'Health and Human '
'Services’ Office for '
'Civil Rights'},
'response': {'communication_strategy': 'Posted notice on website and mailed '
'breach notification letters'},
'title': 'Millcreek Data Breach',
'type': 'Data Breach'}