Excerpt from HIPAA Journal Article, Published on January 6, 2026
A major healthcare data breach has been confirmed at Denton County MHMR Center, affecting the sensitive information of 108,967 individuals. The incident highlights ongoing cybersecurity challenges faced by public health organizations across the United States.
According to the report, the MHMR Center detected suspicious network activity on December 24, 2024. Shortly after, the organization launched an internal investigation to determine the scope of the intrusion. Investigators found that an unauthorized party accessed certain systems over a two – day period. As a result, patient data stored within those systems became exposed.
The compromised information included names, home addresses, dates of birth, patient identification numbers, medical diagnoses, treatment details, insurance data, and biometric identifiers. Because of the scale and sensitivity of the data involved, the Denton facility initially posted a substitute breach notice while the investigation continued. Later, regulators received formal notification once officials confirmed the extent of the breach.
Meanwhile, the organization informed the U.S. Department of Health and Human Services’ Office for Civil Rights and relevant state authorities. Additionally, the MHMR Center partnered with cybersecurity specialists to strengthen its network defenses. These actions included reviewing internal policies, improving monitoring tools, and limiting system access.
Notification letters were mailed to affected individuals nearly a year after the incident. Although investigators have not found evidence of misuse so far, the Denton breach raised concerns about delayed disclosures in healthcare incidents. Therefore, the center offered complimentary credit monitoring and identity protection services to impacted patients. Healthcare data breaches continue to rise, especially within behavioral health services. However, organizations can reduce risks through regular security audits, employee training, and tested incident response plans.
To delve deeper into this topic, Visit Hipaa Journal.
