Sandhills Medical Foundation Breach Exposes Data of 170,000
AI-generated from multiple sources. Verify before acting on this reporting.
COLUMBIA, S.C. — The Sandhills Medical Foundation disclosed a ransomware breach that compromised the personal and health information of nearly 170,000 individuals, following a cyberattack attributed to the Inc Ransom group. The South Carolina-based organization confirmed the incident on Wednesday, stating that sensitive data was stolen and subsequently made available by the threat actors.
The breach involved the unauthorized access of patient records, including names, dates of birth, Social Security numbers, and medical history. The Inc Ransom group, known for targeting healthcare and non-profit sectors, claimed responsibility for the intrusion and has published portions of the stolen data on its dark web leak site. The foundation's notification to affected individuals indicates that the attack occurred over a period spanning several weeks prior to the discovery of the breach.
Sandhills Medical Foundation, which provides medical services and support to underserved communities in the region, launched an immediate investigation upon detecting the unauthorized access. Cybersecurity experts were engaged to assess the scope of the intrusion and secure the organization's network infrastructure. The foundation has notified state authorities and is cooperating with federal law enforcement agencies to track the perpetrators.
The incident underscores the growing vulnerability of healthcare organizations to cyberattacks, which have increased in frequency and sophistication over the past year. Ransomware groups have increasingly targeted medical facilities due to the critical nature of their services and the high value of patient data on the black market. The exposure of health information poses significant risks to victims, including identity theft, financial fraud, and potential misuse of medical records.
Affected individuals are being advised to monitor their credit reports and financial accounts for suspicious activity. The foundation has established a dedicated support line to assist victims with questions regarding the breach and to provide guidance on protective measures. Credit monitoring services have been offered to those whose Social Security numbers were exposed.
The full extent of the data compromised remains under review as investigators continue to analyze the scope of the breach. Questions remain regarding whether the stolen information has been fully decrypted or if additional data was exfiltrated during the attack. The foundation has not disclosed whether a ransom was paid to the attackers, a detail that is often withheld to avoid encouraging further demands.
As the investigation continues, the Sandhills Medical Foundation is working to restore systems and enhance security protocols to prevent future incidents. The organization has committed to transparency with its stakeholders and is expected to provide further updates as more information becomes available. The incident serves as a stark reminder of the persistent threat posed by cybercriminals to the healthcare sector.