Norton Healthcare Data Breach Investigation

Turke & Strauss LLP, a leading data breach law firm, is investigating Norton Healthcare regarding its recent data breach. The Norton Healthcare data breach may have involved sensitive information belonging to an undetermined number of individuals.


Norton Healthcare is a hospital and health care company serving adults and pediatric patients. As a provider of health care services, Norton Healthcare offers behavioral health services, cancer care, heart and vascular care, immediate care, prevention and wellness, and sports health. Founded in 1886, Norton Healthcare began when Mary Louise Sutton Norton sold her home and used the money to open the John N. Norton Memorial infirmary, a hospital named in her husband’s memory. Today, Norton Healthcare has grown to have more than 340 locations across Kentucky and southern Indiana. Headquartered in Louisville, Kentucky, Norton Healthcare employs over 13,000 individuals with 2,000 qualified physicians on its medical staff.


On May 9, 2023, Norton Healthcare discovered that it had experienced a data breach in which sensitive information in its systems may have been accessed. On May 25, 2023, a known ransomware group took responsibility for the data breach and claimed to have stolen 4.7 TB of data belonging to Norton Healthcare. According to reports online, the ransomware group provided several files as proof of access to Norton Healthcare’s system. The ransomware group also claimed to have obtained millions of Social Security numbers from Norton Healthcare. On May 24, 2023, Norton Healthcare disclosed on its website that a cyber event occurred on its network.

If you are a current or former patient or employee of Norton Healthcare:

We would like to speak with you about your rights and potential legal remedies in response to this data breach. Please fill out the form, below, or contact us at (608) 237-1775 or

If you were impacted by the Norton Healthcare data breach, you may consider taking the following steps to protect your personal information.

  1. Change passwords and security questions for online accounts;
  2. Regularly review account statements for signs of fraud or unauthorized activity;
  3. Monitor credit reports for signs of identity theft; and
  4. Contact a credit bureau(s) to request a temporary fraud alert.

Share This Post: