CAMDEN, NEW JERSEY – May 23, 2025 – The Cooper Health System (“Cooper”) has learned of a data security incident that may have impacted data belonging to certain current and former patients.
On March 26, 2025, Cooper learned that certain personal / protected health information was accessed and acquired without authorization by an unknown actor on or about May 14, 2024. In May 2024, Cooper became aware of unusual network activity and immediately took steps to secure our systems. We also engaged cybersecurity experts to assist with this process and to conduct an investigation into what happened and determine if any Cooper data was potentially accessed or acquired without authorization. As a result of the investigation, we learned that certain data stored in our systems was potentially acquired without authorization during the incident.
Cooper undertook a comprehensive review of the impacted data to identify the individuals and information involved, which concluded on March 26, 2025. Cooper then took steps to provide notification as quickly as possible.
The potentially affected information may have included individuals’ names, dates of birth, Social Security numbers, health insurance information, treatment information, medical record number, and medical history information. Please note that not all data elements were affected for all individuals.
Cooper has reported this incident to the Federal Bureau of Investigation and implemented additional measures to enhance network security and minimize the risk of a similar incident occurring in the future.
Cooper has established a toll-free call center to answer questions about the incident and to address related concerns. Call center representatives are available Monday through Friday between 9am – 9pm ET, excluding holidays, and can be reached at 1-877-623-0094.
While we are not aware of the misuse of any potentially affected individual’s information, we are providing the following information to help those wanting to know more about steps they can take to protect themselves and their personal information:
What steps can I take to protect my personal information?
- Please notify your financial institution immediately if you detect any suspicious activity on any of your accounts, including unauthorized transactions or new accounts opened in your name that you do not recognize. You should also promptly report any fraudulent activity or any suspected incidents of identity theft to proper law enforcement authorities.
- You can request a copy of your credit report, free of charge, directly from each of the three nationwide credit reporting agencies. To do so, free of charge once every 12 months, please visit www.annualcreditreport.com or call toll free at 1-877-322-8228. Contact information for the three nationwide credit reporting agencies is listed at the bottom of this page.
- You can take steps recommended by the Federal Trade Commission to protect yourself from identify theft. The FTC’s website offers helpful information at www.ftc.gov/idtheft.
- Additional information on what you can do to better protect yourself is included in your notification letter.
How do I get a copy of my credit report?
You may obtain a free copy of your credit report from each of the three major credit reporting agencies once every 12 months by visiting http://www.annualcreditreport.com/, calling toll-free 877-322-8228, or by completing an Annual Credit Report Request Form and mailing it to Annual Credit Report Request Service, P.O. Box 105281, Atlanta, GA 30348. You can print this form at https://www.annualcreditreport.com/cra/requestformfinal.pdf. You also can contact one of the following three national credit reporting agencies:
- Equifax, P.O. Box 740241, Atlanta, GA 30374, 1-800-525-6285, www.equifax.com.
- Experian, P.O. Box 9532, Allen, TX 75013, 1-888-397-3742, www.experian.com.
- TransUnion, P.O. Box 2000, Chester, PA 19016, 833-799-5355 , www.transunion.com/get-credit-report.
How do I put a fraud alert on my account?
There are two kinds of general fraud alerts you can place on your credit report—an initial alert and an extended alert. You may want to consider placing either or both fraud alerts on your credit report. An initial fraud alert is free and will stay on your credit file for at least 90 days. The alert informs creditors of possible fraudulent activity within your report and requests that the creditor contact you prior to establishing any accounts in your name. You may have an extended alert placed on your credit report if you have already been a victim of identity theft and provide the appropriate documentary poof. An extended fraud alert is also free and will stay on your credit report for seven years. To place a fraud alert on your credit report, contact any of the three credit reporting agencies identified above. Additional information is available at http://www.annualcreditreport.com. Military members may also place an Active Duty Military Fraud Alert on their credit reports while deployed. An Active Duty Military Fraud Alert lasts for one year and can be renewed for the length of your deployment
How do I put a security freeze on my credit reports?
Under U.S. law, you have the right to put a credit freeze, also known as a security freeze, on your credit file, for up to one year at no cost. The freeze will prevent new credit from being opened in your name without the use of a PIN number that is issued to you when you initiate the freeze. A security freeze is designed to prevent potential creditors from accessing your credit report without your consent. As a result, using a security freeze may interfere with or delay your ability to obtain credit.
You must separately place a security freeze on your credit file with each credit reporting agency. There is no fee to place or lift a security freeze. For information and instructions on how to place a security freeze, contact any of the credit reporting agencies or the FTC identified above. In order to place a security freeze, you may be required to provide the consumer reporting agency with information that identifies you including your full name, Social Security number, date of birth, current and previous addresses, a copy of your state-issued identification card, and a recent utility bill, bank statement or insurance statement. After receiving your freeze request, each credit bureau will provide you with a unique PIN or password. Keep the PIN or password in a safe place as you will need it if you choose to lift the freeze.
A freeze remains in place until you ask the credit bureau to temporarily lift it or remove it altogether. If the request is made online or via phone, a credit bureau must lift the credit freeze within an hour. If the request is made by mail then the bureau must lift the freeze no later than three business days after receiving your request.
What should I do if my family member was involved in the incident and is deceased?
You may choose to notify the three major credit bureaus, Equifax, Experian and Trans Union, and request they flag the deceased credit file. This will prevent the credit file information from being used to open credit. To make this request, mail a copy of your family member’s death certificate to each company at the addresses below.