On April 22, 2022, Phelps Health was notified by its vendor, MCG Health, LLC (“MCG”), that MCG had experienced a data security incident. On March 25, 2022, MCG determined that some personal information about certain Phelps Health patients maintained by MCG was previously obtained by an unauthorized party.  The affected patient information included some or all of the following data elements: names, Social Security numbers, medical codes, postal addresses, telephone numbers, email addresses, dates of birth and gender. 

Upon learning of this issue, Phelps Health and MCG took steps to understand the nature and scope of the data security incident. Additionally, MCG retained a leading forensic investigation firm to assist in its investigation and is coordinating with the FBI. MCG has deployed additional monitoring tools and will continue to enhance the security of its systems to prevent an incident like this from happening again. Phelps Health also takes seriously the privacy and security of patient information and will continue to monitor MCG’s efforts and its relationship with MCG to further protect such information. 

As a precaution, all affected individuals are recommended to take steps to protect their personal information and reduce the chances of identity theft, such as monitoring credit reports and reviewing account information to check for unfamiliar activity. If suspicious activity is observed, affected individuals should promptly contact the institution at which the account is maintained.

Affected individuals who may have questions or who would like additional information about this issue can contact a dedicated toll-free number at 866-475-7221 between Monday – Friday, 6 a.m. to 8 p.m. , PT or  Saturday – Sunday, 8 a.m. to 5 p.m., PT. If you have any questions, or would like to learn additional information, please contact Lisa Searcy at 573-458-7605 or

Join the Conversation


  1. It seems to me Phelps Health / MCG should pay for credit monitoring for the affected individuals for life. Their sloppy security, their responsibility.

  2. We received a letter about this in the mail.. my grandson that’s 8 years old has been affected by this… I really do not know how too handle this??? I need answers?

  3. I agree and if my grandsons SS # and etc. has been used (he is 8) due to the sloppy security they need too take care of any and all credit reports and expenses that may occur… I don’t know how any of this works but it’s very upsetting too know that I can not give out personal info and be assured that it is safe and no one can get it… my youngest daughter got a letter as well… we neeed to know what too do?!!

Leave a comment

Leave a Reply