Skip to Main Content

R1 Provides Notice of Cybersecurity Incident


R1 is providing notice of a recent cybersecurity incident that involved certain individuals’ personal identifiable information and personal health information. 

On November 17, 2023, R1 RCM, Inc. (“R1”), a business associate of the St. Rose Dominican, Rose de Lima Campus, a Dignity Health hospital (“Dignity”), became aware that protected health information (“PHI”) associated with Dignity was in the possession of an unauthorized third party. R1 immediately began an investigation into the matter and determined a copy of this PHI was maintained on a server when such server was targeted by the exploitation of a zero-day vulnerability of GoAnywhere software by the same unauthorized third party on January 30, 2023 (the “GoAnywhere Event”). While it could not be definitively confirmed that the GoAnywhere Event was the source of the PHI, this notice is being issued out of an abundance of caution.

R1 undertook an analysis of the Dignity PHI and on January 11, 2024 determined that certain PHI, including patient name, contact information, date of birth, location of services, clinical and/or diagnosis information and patient account and/or medical record number was potentially impacted. Some individuals may have also had their Social Security number impacted.

Following the GoAnywhere Event, R1 rebuilt the impacted server and implemented the patch released by GoAnywhere designed to address the vulnerability at issue. Potentially impacted individuals are encouraged to remain vigilant to the possibility of fraud by reviewing account statements and monitoring free credit reports for any unauthorized activity and reporting any such activity. 

For more information, please call Kroll Identity Monitoring services (on the behalf of R1) at 866-495-4603, Monday through Friday, from 8:00 a.m. to 5:30 p.m. Central, excluding major U.S. holidays.