Data Breaches

Sandhills Medical Says Ransomware Breach Affects 170,000

It took the healthcare organization nearly one year to publicly disclose a data breach after it was targeted by Inc Ransom.

Published

Data breach

South Carolina-based healthcare provider Sandhills Medical Foundation has disclosed a data breach affecting nearly 170,000 individuals.

Sandhills Medical said in a data security incident notice on its website that it discovered a ransomware attack on May 8, 2025. 

It has since been working with law enforcement, cybersecurity experts, and a forensics firm to investigate the intrusion and determine its impact.

Now, nearly one year later, the healthcare organization has publicly disclosed the incident and notified affected individuals.

The company said the hackers obtained the personal information of “select patients”, but told the Maine Attorney General’s Office that nearly 170,000 people are affected

Compromised information includes name, date of birth, SSN, Taxpayer Identification Numbers, driver’s licenses, government-issued identification, passports, financial information, and personal health information.

Advertisement. Scroll to continue reading.

The Inc Ransom ransomware group listed Sandhills Medical on its leak website in early June 2025. 

The cybercrime group has since made the files allegedly stolen from the healthcare organization available for download.

Sandhills Medical listed on Inc Ransom website

Related: More healthcare data breaches

Related: Data Breaches at Healthcare Organizations in Illinois and Texas Affect 600,000

Related: 38 Vulnerabilities Found in OpenEMR Medical Software

Related: Data Breach at Tennessee Hospital Affects 337,000

In this article:, ,

Related Content

University data breach

Data Breaches

University of Nottingham Confirms Breach After Hackers Leak Data

The ShinyHunters hacker group has taken credit for the attack, leaking more than 450,000 email addresses and other information.

3 days ago

Ransomware

Check Point VPN Zero-Day Exploited in Qilin Ransomware Attacks

The authentication bypass vulnerability allows attackers to establish VPN connections without a valid password.

5 days ago

Data Breaches

174,000 Impacted by Lansing Community College Data Breach

Hackers accessed personal information stored on certain Lansing Community College systems in February 2025.

6 days ago

Ransomware

Silent Ransom Group Uses DNS Fast Flux in Attacks

Focusing on hacking law firms in the US, the ransomware group relies on fast flux to hide its C&C infrastructure.

6 days ago

Data Breaches

Meta Says 20,000 Instagram Accounts Hacked via AI Tool Abuse

The social media giant has informed authorities about the impact of the recent attack involving an account recovery support tool.

6 days ago

Data Breaches

Hackers Leak DentaQuest Information Impacting 2.6 Million

The ShinyHunters extortion group leaked roughly 234 GB of data allegedly stolen from the dental benefits administrator.

June 5, 2026

Data Breaches

Nightclub Giant RCI Says Data Breach Affects 40,000 Individuals

The company detected a network intrusion in March and an investigation showed that some files were stolen during the attack.

June 5, 2026

Data Breaches

IMA Diligence Services Data Breach Impacts 525,000 People

The affected individuals’ personal information was stolen from a legacy server managed by a third party.

June 3, 2026

Copyright © 2026 SecurityWeek ®, a Wired Business Media Publication. All Rights Reserved.

Exit mobile version