
Sandhills Medical Foundation reveals a ransomware breach impacting nearly 170,000 individuals, with significant personal information compromised.
Key Points:
- Ransomware attack discovered on May 8, 2025.
- Nearly 170,000 individuals have had their data compromised.
- Compromised data includes personal health information and social security numbers.
- The Inc Ransom group has publicly listed Sandhills Medical on its leak website.
- The healthcare provider is cooperating with law enforcement and cybersecurity experts.
Sandhills Medical Foundation, located in South Carolina, has announced a significant data breach stemming from a ransomware attack identified on May 8, 2025. This incident has resulted in almost 170,000 individuals being affected, as the healthcare organization has acknowledged that hackers accessed sensitive personal information belonging to select patients. The breach has raised alarms, as the compromised data includes crucial information such as names, dates of birth, social security numbers, and personal health details, putting the affected individuals at heightened risk for identity theft and fraud.
The situation has been compounded by the involvement of the Inc Ransom ransomware group, which has indicated that it possesses the files stolen from Sandhills Medical and has made them available for public download on its leak site as of early June 2025. In response to this incident, Sandhills Medical is currently collaborating with law enforcement, cybersecurity experts, and forensic investigators to assess the full extent of the breach and implement measures to protect affected individuals. The disclosure of this breach nearly a year after its occurrence underscores the persistent vulnerability of healthcare organizations and the critical importance of robust cybersecurity practices.
What steps should healthcare organizations take to prevent ransomware attacks in the future?
Learn More: Security Week
Want to stay updated on the latest cyber threats?