Major Healthcare Data Breaches Impact Over 560,000 Individuals

In the past week, four healthcare organizations—Hillcrest Convalescent Center, Gastroenterology Associates of Central Florida, Community Care Alliance, and Sunflower Medical Group—reported significant data breaches that collectively impacted more than 560,000 individuals. These breaches exposed sensitive personal and medical data, highlighting the growing threat of cyberattacks on the healthcare sector.

Sunflower Medical Group Breach: Largest in Scope

The most extensive breach was reported by Sunflower Medical Group, a Kansas-based healthcare provider. The organization detected the breach on January 7, 2025, revealing that cybercriminals had accessed its systems since December 15, 2024. The exposed data includes:

• Personal information: Name, address, date of birth

• Identification data: Social Security number, driver’s license number

• Medical records: Health insurance and medical history details

The Rhysida ransomware group claimed responsibility for this attack in January 2025, boasting that they had stolen over 3 terabytes of files. The group initially stated that 400,000 individuals were affected, but Sunflower Medical Group later disclosed to the Maine Attorney General’s Office that the official impact was 220,000 individuals.

Hillcrest Convalescent Center Breach: Nursing Home Targeted

Hillcrest Convalescent Center, a North Carolina-based nursing and rehabilitation center, reported a security incident that began in late June 2024. Following an investigation, it was determined that cybercriminals had gained access to its systems and extracted the following sensitive information:

• Names and Social Security numbers

• Dates of birth

• Financial account details

• Government-issued identification numbers

• Medical and health insurance information

The breach impacted over 106,000 individuals, making it one of the most severe healthcare data breaches in recent months.

Gastroenterology Associates of Central Florida Breach: Stolen Patient Records

Gastroenterology Associates of Central Florida (also known as Center for Digestive Health) suffered a data breach in April 2024, which was later attributed to the BianLian ransomware group in May 2024. This breach exposed critical patient details, including:

• Names and Social Security numbers

• Dates of birth

• Health records

In total, over 122,000 individuals were affected by this breach, underscoring the increasing risk to specialized healthcare providers.

Community Care Alliance Breach: Cyberattack on Patient Data

Community Care Alliance, a Rhode Island-based healthcare provider, suffered a security breach in early July 2024. The investigation, completed in January 2025, found that cybercriminals may have stolen:

• Personal details: Name, address, birth date

• Identification records: Driver’s license and Social Security numbers

• Medical data: Diagnosis information, lab results, insurance details, and treatment records

This breach impacted approximately 115,000 individuals. The Rhysida ransomware group also claimed responsibility for this attack in late July 2024.

Healthcare Sector: A Growing Target for Cybercrime

The healthcare industry remains a prime target for cybercriminals due to the high value of medical records on the black market. In 2024 alone, the U.S. government recorded 720 healthcare data breaches, affecting a staggering 186 million user records.

Preventative Measures and Response

In response to these breaches, affected organizations have:

• Notified regulatory authorities such as the Maine Attorney General’s Office and the Department of Health and Human Services.

• Conducted forensic investigations to assess the full scope of the incidents.

• Offered free credit monitoring to impacted individuals.

• Worked to improve cybersecurity measures to prevent future attacks.

Conclusion

These recent healthcare data breaches underscore the urgent need for enhanced cybersecurity measures within the healthcare industry. With ransomware groups becoming increasingly sophisticated, healthcare providers must strengthen their defenses, implement regular security audits, and educate employees on cybersecurity best practices to protect sensitive patient information from malicious actors.