What Is This About?

If you recently received correspondence from Deaconess Health System (“Deaconess”) indicating that your personal or health information may have been involved in a data breach, we would like to speak with you about your rights and potential legal remedies. We are interested in speaking with affected individuals about potential claims and available remedies. Deaconess has publicly acknowledged a cybersecurity incident that may have exposed sensitive personal and protected health information of patients from Deaconess Henderson Hospital in Henderson, Kentucky, Deaconess Union County Hospital in Morganfield, Kentucky, and affiliated clinics.

What Happened?

On February 2, 2026, Deaconess became aware of a data security incident after its vendor, MediCopy, reported unauthorized access to its systems. The investigation determined that on January 13, 2026, an unauthorized individual accessed MediCopy’s cloud-based file-sharing platform and downloaded files containing patient information related to Release of Information (ROI) requests.

Following this discovery, Deaconess conducted a review of the affected files to identify impacted individuals. The incident was limited to certain patients of Deaconess Henderson Hospital, Deaconess Union County Hospital, and affiliated clinics whose records were subject to an ROI request. Importantly, the breach did not affect Deaconess’s internal IT systems or its electronic medical records system.

Deaconess has since provided public notice of the incident through its website and has begun to mail notice letters to impacted individuals.

What Information Was Impacted?

According to Deaconess, the following categories of sensitive personal and protected health information may have been involved:
    • Names;
    • Social Security numbers;
    • Dates of birth;
    • Medical record numbers;
    • Dates of service;
    • Health insurance identification numbers; and
    • Medical records related to treatment.
 

What Action Can You Take?

My Data Breach Attorney is investigating whether affected users are entitled to compensation. If you received a notice from Deaconess Health System (“Deaconess”) there is no cost or obligation to participate. Complete the form above to find out about your rights and potential legal remedies available.

About Deaconess Health System

Deaconess Health System, headquartered in Evansville, Indiana, is a regional healthcare provider that operates hospitals, clinics, and medical facilities, offering a wide range of healthcare services to patients across multiple locations in southwestern Indiana, western Kentucky, and southeastern Illinois.

About

My Data Breach Attorney

Backed by the nationally recognized law firm Levi & Korsinsky, we combine decades of legal expertise with an unwavering focus on consumer advocacy. Levi & Korsinsky is a nationally recognized consumer advocacy law firm that has recovered hundreds of millions of dollars against the largest of corporations. The firm is a 100% contingency firm – we don't get paid unless you get paid! Prior results do not guarantee similar outcomes.

Frequently Asked Questions

Know Your Legal Rights After a Data Breach Incident

A data breach occurs when sensitive, confidential, or protected information is accessed, disclosed, or stolen without authorization. This may include personal data, financial information, medical information, or business secrets.

Our firm provides the following services:

  • Investigating the breach and determining liability.
  • Filing lawsuits or claims against negligent companies.
  • Helping recover financial damages.
  • Advising on legal steps to protect your rights.

As a consumer, you have the right to:

  • Be notified of the breach under U.S. laws, such as the California Consumer Privacy Act (CCPA) or General Data Protection Regulation (GDPR) if applicable.
  • Seek compensation for financial or reputational harm.
  • Take legal action against the entity responsible for negligence.

Depending on the case, you may be entitled to:

  • Reimbursement for financial losses (e.g., identity theft).
  • Compensation for emotional distress or loss of privacy.
  • Punitive damages if negligence is proven.

Yes, time is critical. If you suspect your data has been compromised:

  • Secure your accounts by changing passwords.
  • Monitor your credit reports for unusual activity.
  • Contact a law firm to explore legal options for compensation.

Our firm works on a contingency fee basis, meaning you pay nothing upfront. We only get paid if we recover compensation for you.

Take Action. Choose My Data Breach Attorney