PALOS PARK, Ill.--(BUSINESS WIRE)--Heart Care Centers of Illinois (“HCCI”), located at 13011 S. 104th Avenue, Suite 100, Palos Park, IL 60464, is issuing this notice about a data security incident that may have resulted in unauthorized access to certain personal and protected health information of its employees and patients. Please know that HCCI moved swiftly to investigate and remediate the incident. Information about the incident, HCCI’s response, and the steps you may take to help protect your information are detailed below.
Importantly, HCCI does not have any reason to believe that there has been any identity theft, fraud or misuse of information in connection with this incident.
What Happened? On January 15, 2026, while investigating an unsuccessful phishing attempt, HCCI discovered historical suspicious activity in connection with an employee’s email account. In response, HCCI promptly initiated an investigation with the assistance of third-party forensics specialists and moved swiftly to remediate the unauthorized activity.
The third-party investigation revealed evidence of a successful historical phishing attack that resulted in unauthorized access to the employee’s account from August 22, 2024 to November 6, 2024. As such, HCCI engaged a third-party data analytics firm to conduct a review of the email account to determine the types of information potentially accessible and to identify to whom the information relates. This review completed on June 11, 2026, at which time, HCCI determined that certain protected information may have been subject to unauthorized access by the unauthorized actor. Thereafter, HCCI moved swiftly to notify potentially affected individuals and regulators as required by law.
What Information Was Involved? The impacted information varies by individual but may have included certain of the following data elements: name, mailing address, Social Security number, date of birth, driver’s license number/state identification number, payment card information, financial account number, passport number, medical information, including treatment, condition and diagnosis information, prescription information, health insurance information, provider information, and telephone and fax number.
HCCI Response. HCCI is committed to, and takes very seriously, its responsibility to protect all data entrusted to it. Upon becoming aware of the historic activity, HCCI promptly took steps to investigate and ensure the matter was fully remediated. As part of its ongoing commitment to data privacy and security, HCCI is reviewing our existing policies and security measures currently in place to protect against similar incidents moving forward.
HCCI mailed notification letters to potentially affected individuals beginning July 10, 2026. HCCI also posted a statement about the incident on its website and issued this press release. Further, to help protect individuals’ information, HCCI provided potentially affected individuals with access to complimentary credit monitoring and identity restoration services through Epiq.
What Potentially Affected Individuals Can Do. As a best practice, HCCI encourages individuals to continue to remain vigilant against incidents of identity theft and fraud by reviewing financial account statements and credit reports for any anomalies. HCCI also encourages individuals to enroll to receive the complimentary services being offered. If you are one of the potentially affected individuals, a call center agent can help you enroll in the complimentary credit monitoring and identity restoration services HCCI is offering. Please note the deadline to enroll in the complimentary services is October 31, 2026.
For More Information. For questions, please contact the dedicated assistance line that HCCI has established regarding this matter by dialing 888-616-9388, Monday through Friday 8 am to 8 pm Central Time, excluding U.S. holidays.
Contacts
Naomi Solnick
nsolnick@goodwinlaw.com





