South Carolina-based healthcare provider Sandhills Medical Foundation has disclosed a data breach affecting nearly 170,000 individuals.
Sandhills Medical said in a data security incident notice on its website that it discovered a ransomware attack on May 8, 2025.
It has since been working with law enforcement, cybersecurity experts, and a forensics firm to investigate the intrusion and determine its impact.
Now, nearly one year later, the healthcare organization has publicly disclosed the incident and notified affected individuals.
The company said the hackers obtained the personal information of “select patients”, but told the Maine Attorney General’s Office that nearly 170,000 people are affected.
Compromised information includes name, date of birth, SSN, Taxpayer Identification Numbers, driver’s licenses, government-issued identification, passports, financial information, and personal health information.
The Inc Ransom ransomware group listed Sandhills Medical on its leak website in early June 2025.
The cybercrime group has since made the files allegedly stolen from the healthcare organization available for download.
Related: More healthcare data breaches
Related: Data Breaches at Healthcare Organizations in Illinois and Texas Affect 600,000
Related: 38 Vulnerabilities Found in OpenEMR Medical Software
