Alpine Lumber
December 14, 2025
•[ ransomware, data leak, personally identifiable information ]
Alpine Lumbers posted notice states that on December 22, 2025 it determined certain network devices were encrypted with ransomware. The companys investigation found that between December 14 and December 22, 2025 an unauthorized actor viewed and obtained files stored on a file server. Alpine completed its file review and determined on February 5, 2026 that the affected files included employment-purpose information such as names, addresses, Social Security numbers, dates of birth, and health insurance plan enrollment information, and may also have included policy numbers, medical information, government IDs, financial account data, and payment card data. Alpine stated it notified law enforcement and began mailing letters and offering credit monitoring.
Advanced Family Surgery Center (AFSC)
November 26, 2025
•[ data leak, healthcare, protected health information ]
Threat actors identifying as Genesis claimed they compromised Advanced Family Surgery Center (AFSC) in Oak Ridge, Tennessee, and later added the organization to their leak site, asserting that about 100 GB of data had been exfiltrated from company file servers. The reported dataset included healthcare data, personal data, financial data, user folders, and operational files. The reporting outlet reviewed sample files and indicated they contained protected health information such as patient names, dates of birth, full Social Security numbers, dates of service, physician details, and insurance information. At the time of reporting, no official public notification by the provider had been located.
Precipio Inc.
November 23, 2025
•[ unauthorized access, data leak, protected health information ]
Precipio posted a Notice of Data Event stating it learned on or about November 25, 2025 that an unauthorized user accessed an employees cloud-based storage account. The companys investigation (with third-party cybersecurity specialists) determined the unauthorized access occurred on or around November 23, 2025 and that certain files in the account were copied without authorization. Precipio stated the impacted information varies by person but may include identifiers and protected health information such as names, addresses, MRNs, DOB, clinical/treatment and procedure information, provider name, prescription information, and health insurance information. The notice said law enforcement was notified and that additional notifications would follow after file review completion.
Elmcrest Children’s Center, Inc.
August 12, 2025
•[ unauthorized access, data leak, health information ]
Elmcrest Childrens Center, Inc. detected unauthorized access to its computer network on August 12, 2025. The investigation determined that files containing information for approximately 23,500 individuals were accessed, including names, addresses, dates of birth, treatment details, and insurance information.
Laurel Health Centers
July 11, 2025
•[ unauthorized access, email compromise, data leak ]
Laurel Health Centers identified unauthorized access to portions of its email system during July 2025, which resulted in the potential exposure of personal and protected health information belonging to patients, as later disclosed in a public notice.
Orthopaedic Specialists of Connecticut
March 2, 2025
•[ data leak, unauthorized access, personally identifiable information ]
Names, dates of birth, Social Security numbers, insurance and medical information for 22,541 individuals were exposed after an unauthorized third party accessed the practices network on March 2, 2025, per the provider notice and HHS filing.
Munson Healthcare (via Cerner legacy systems)
January 22, 2025
•[ data leak, third party breach, healthcare data ]
Munson Healthcare confirmed that an unauthorized third party gained access to and obtained data maintained by its electronic health record vendor, Cerner, on legacy Cerner systems used by Munson. The investigation indicated access occurred at least as early as January 22, 2025, and could have exposed patient identifiers and clinical information, including Social Security numbers and medical record data. Munson and Cerner reported taking steps to secure the affected systems and notified impacted individuals with options for identity-protection services.
Middlesex Sheriff's Office
January 1, 2025
•[ data breach, protected health information, HIPAA ]
The Middlesex Sheriffs Office reported that a security breach occurred in January 2025 and that a comprehensive investigation (with state/federal law enforcement and private cybersecurity vendors) determined on November 19, 2025 that the incident involved unauthorized access to protected health information. The exposed PHI may have included names, home addresses, dates of birth, diagnoses, and other general health information related to individuals who may have received medical care through the Sheriffs Office. Public reporting indicated the breach represented a HIPAA-related incident; the organization did not specify the number of affected individuals in the public notice and did not disclose the initial access vector or whether any data was exfiltrated beyond unauthorized viewing/access.
EyeCare Partners
January 1, 2025
•[ email compromise, unauthorized access, data breach ]
EyeCare Partners disclosed that an unauthorized third party accessed certain ECP-managed email accounts between December 3, 2024 and January 28, 2025. The accessed files may have contained personal identifiers and limited health-related information, including addresses, dates of birth, Social Security numbers, drivers license numbers, health plan information, and limited clinical information; the notice emphasized that full medical records and detailed clinical information were not impacted. The organization reported the incident to Massachusetts regulators on February 4, 2026 and began outreach and remediation steps consistent with an email-system compromise.
ARC Community Services
November 4, 2024
•[ unauthorized activity, data breach, protected health information ]
ARC Community Services disclosed it became aware of unauthorized activity in its network on November 4, 2024 and initiated incident response actions, including taking systems offline until operations could be safely restored. During the ensuing investigation and data review, ARC determined that files containing protected health information (PHI) were taken from its network. The potentially affected PHI varies by individual but may include contact information (name/address), date of birth, medical record number, health information, drivers license number, and financial account information.
