Marlboro-Chesterfield Pathology (MCP), a full service anatomic pathology lab in North Carolina, was recently targeted in a ransomware attack that resulted in many personal information records getting stolen.
In a data breach notice published on its website, Marlboro-Chesterfield Pathology said it discovered unauthorized activity on some internal IT systems on January 16, 2025. An investigation revealed that the hackers had stolen some files.
The compromised data includes personal information such as name, address, date of birth, medical treatment information, and health insurance information. The stolen information varies by individual.
MCP informed the US Department of Health and Human Services (HHS) this week that the incident impacted 235,911 individuals.
A ransomware group named SafePay, which recently also targeted business services provider Conduent, took credit for the attack on MCP in late January.
However, at the time of writing, MCP no longer appears to be listed on SafePay’s leak website, which could indicate that a ransom has been paid.
SecurityWeek has reached out to the company for clarifications and will update this article if it responds.
It’s not uncommon for healthcare data breaches to impact hundreds of thousands of individuals, and some incidents affect millions and even tens of millions.
Related: Ransomware Attack Forces Kettering Health to Cancel Procedures
Related: 480,000 Catholic Health Patients Impacted by Serviceaide Data Leak
Related: 200,000 Harbin Clinic Patients Impacted by NRS Data Breach
