Skip to main content
Female doctor looks over a tablet with her patient

Pomona Valley Hospital (PVHMC) Data Breach Investigation

Written by Joseph Lyon on . Posted in Data Breach.

According to figures reported to the U.S. Department of Health and Human Services Office for Civil Rights (HHS), over 13,000 individuals may have had their personal information compromised in the recent Pomona Valley Hospital data breach. Contact our legal team to learn more about the incident and to discuss your next steps.

What Happened at Pomona Valley Hospital Medical Center?

Letters were sent to victims of an alleged data security incident on March 22, 2024 by Pomona Valley Hospital Medical Center, which explain that a cyberattack on one of the hospital’s vendors may have impacted a large amount of patient data.

PVHMC says it has stopped using the vendor, though the damage may already be done to thousands of consumers whose data could be leaked. In February 2024, the third party confirmed that an unauthorized party had accessed patient management tools in late 2023.

Pomona Valley has been notifying individuals whose information may be impacted, which could include the following:

  • Name
  • Date of birth
  • Medical record number
  • Medical information (e.g., allergies, diagnoses, medications, doctors’ notes)

The Pomona Valley Hospital Medical Center data breach was only recently announced, and the investigation is still ongoing. What we know at the moment is that PVHMC uses third-party vendors to run patient management tools and at some point in November 2023, one vendor discovered that patient management tools were unavailable.

Pomona Valley Hospital Medical Center has sent out letters to victims, which should provide victims with more details about the cyberattack and a list of what information was compromised. If your personal data has been in fact leaked, it places you at an increased risk of medical identity theft and fraud. You should remain vigilant for unusual activity on your personal accounts, and can consider initiating a credit alert.

Our data privacy lawyers believe that any entity that collects and stores your information has a duty to protect it with reasonably secure networks. This responsibility rolls downhill to any third-party that a hospital shares data with. All parties involved may be held accountable if an act of negligence results in a data breach incident that affects you and your family. 

More About PVHMC

PVHMC is an acute care hospital serving eastern Los Angeles and western San Bernardino counties in California. Pomona Valley Hospital operates the Robert and Beverly Lewis Family Cancer Care Center, Stead Heart and Vascular Center, Women’s & Children’s Center, Trauma Center, Emergency Department, Neonatal Intensive Care Unit and Perinatal Center. PVHMC operates 14 service locations in Pomona, Claremont, Chino Hills, and La Verne.

If you receive a data breach notification letter from Pomona Valley, you should contact our data breach lawyers for a free case review. You may file a class action claim and you may be able to recover compensation for any damages and financial losses that result from this particular incident. We have filed numerous data breach lawsuits on behalf of plaintiffs in California and nationwide.