Sturdy Health Inc. Reports Data Breach Affecting Over 1,000 Patients
Sturdy Health Inc., a Massachusetts-based nonprofit health system, disclosed a data breach impacting 1,006 individuals across the U.S. The incident was reported to the U.S. Department of Health and Human Services on June 5, 2026.
Headquartered in Attleboro, Sturdy Health operates a full-service network, including Sturdy Memorial Hospital and outpatient care centers, providing specialized services such as cardiac care, oncology, maternity, primary care, and chronic disease management.
While the exact types of compromised data remain undisclosed, the breach involved protected health information (PHI), potentially including medical records, insurance details, or prescription data.
Current and former patients of Sturdy Memorial Hospital and its affiliated locations may receive direct notifications from the organization. Those who suspect they were affected but have not been contacted can reach out to Sturdy Health for further details and available support.
Source: https://www.claimdepot.com/data-breach/sturdy-health-2026
Sturdy Health cybersecurity rating report: https://www.rankiteo.com/company/sturdyhealth
"id": "STU1783960938",
"linkid": "sturdyhealth",
"type": "Breach",
"date": "6/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': '1006',
'industry': 'Healthcare',
'location': 'Attleboro, Massachusetts, USA',
'name': 'Sturdy Health Inc.',
'type': 'Nonprofit Health System'}],
'customer_advisories': 'Current and former patients may receive direct '
'notifications. Affected individuals can contact '
'Sturdy Health for support.',
'data_breach': {'number_of_records_exposed': '1006',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': 'Protected health information '
'(PHI), medical records, '
'insurance details, prescription '
'data'},
'date_publicly_disclosed': '2026-06-05',
'description': 'Sturdy Health Inc., a Massachusetts-based nonprofit health '
'system, disclosed a data breach impacting 1,006 individuals '
'across the U.S. The breach involved protected health '
'information (PHI), potentially including medical records, '
'insurance details, or prescription data.',
'impact': {'data_compromised': 'Protected health information (PHI), medical '
'records, insurance details, prescription data',
'identity_theft_risk': 'High'},
'references': [{'source': 'U.S. Department of Health and Human Services'}],
'regulatory_compliance': {'regulations_violated': 'HIPAA (potential)',
'regulatory_notifications': 'Reported to U.S. '
'Department of Health '
'and Human Services'},
'response': {'communication_strategy': 'Direct notifications to affected '
'patients'},
'title': 'Sturdy Health Inc. Data Breach Affecting Over 1,000 Patients',
'type': 'Data Breach'}