
The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

Bradford Health Services Notifies Patients About 2023 Cyberattack

Data breaches have recently been announced by Bradford Health Services in Alabama, Doctors Hospital at Renaissance in Texas, and Molecular Testing Labs in Washington. Ransomware groups have claimed responsibility for attacks on Desert Behavioral Health in Nevada and Curewell Specialty Pharmacy & Surgicals in New York.

Bradford Health Services, Alabama

Bradford Health Services in Birmingham, Alabama, has issued a May 30, 2025, notice about a data security incident that was detected more than 18 months ago on December 8, 2023. According to the breach notice, an investigation was immediately initiated when unusual activity was identified within its network. The investigation confirmed that an unauthorized third party had accessed its network and may have viewed or acquired files containing patient data.

A thorough review was initiated of the affected files, and that process was completed on May 15, 2025. The data potentially compromised in the security incident included names, driver’s license numbers, dates of birth, diagnoses, treatment information, physician names, medical record numbers, health insurance information, financial account numbers, passport numbers, payment card numbers (plus a means of access to the account), and/or Social Security numbers. While sensitive data was exposed, Bradford Health Services said it is unaware of any misuse of patient data.

Notification letters were mailed to the affected individuals on May 30, 2025, and additional security measures have been implemented to enhance network security. While not mentioned in the notification letters, the Hunters International threat group claimed responsibility for the attack and said it exfiltrated 760 GB of data, then encrypted files using ransomware. The data breach is not shown on the HHS’ Office for Civil Rights website, so it is currently unclear how many individuals have been affected.

Doctors Hospital at Renaissance, Texas

Doctors Hospital at Renaissance (DHR Health) in Texas has experienced a cyberattack that involved unauthorized access to patient data. The security incident was identified in March 2025 and affected the functionality of its information systems. DHR Health said patient care was its highest priority, and care continued to be provided to patients without disruption. DHR Health has well-established backup protocols in place, and its staff was fully equipped to manage the situation effectively. The cyberattack exposed patient data, although the extent of the data breach has yet to be confirmed. The breach was reported to the HHS’ Office for Civil Rights on May 15, 2025, using a placeholder figure of at least 501 affected individuals.

CareNexa, LLC (Molecular Testing Labs), Washington

CareNexa, LLC, doing business as Molecular Testing Labs in Vancouver, WA, has confirmed that the protected health information of 7,711 individuals was compromised in a data breach at one of its business associates. Molecular Testing Labs used the managed service provider Ntirety, which fell victim to a ransomware attack of Russian origin. The Ntirety network was compromised between March 7, 2025, and March 13, 2025. Data compromised in the incident included names, addresses, and information related to medical tests. Notification letters were mailed to the affected individuals on April 23, 2025. Molecular Testing Labs conducted its own investigation and claims to have identified “significant deficiencies, shortcomings, and omissions” in Ntirety’s security practices and procedures, and is suing the managed service provider to recover its losses.

Mercy Surgical Dressing Group, Pennsylvania

Mercy Surgical Dressing Group, Inc., doing business as Mercy Supply Collaborative, has recently announced a security incident and data breach that has affected 4,159 individuals. Suspicious activity was identified within its computer network on December 25, 2024. Third-party cybersecurity specialists were engaged to assist with the investigation and determine the nature and scope of the unauthorized activity. The investigation confirmed that medical device and product information relating to certain customers was downloaded by a threat actor between December 18, 2024, and December 25, 2024. The data breach was limited to names and medical supply order information. Data security policies and procedures have been reviewed, and administrative and technical controls have been enhanced. Additional security training has also been provided to the workforce to reduce the risk of similar incidents in the future.

Ransomware Groups Claim Responsibility for Attacks on Two Healthcare Orgs

Ransomware groups have claimed responsibility for attacks on two healthcare organizations and have added them to their dark web data leak sites. The 3AM ransomware group has claimed responsibility for a March 2025 ransomware attack on Nevada-based Desert Behavioral Health, and the Space Bears threat group claimed responsibility for a May 2025 attack on Curewell Specialty Pharmacy & Surgicals. 3AM has uploaded all of the stolen Desert Behavioral Health data to its data leak site. At the time of writing, the post has received 38,850 views. Space Bears is threatening to release the data stolen from Curewell Specialty Pharmacy & Surgicals on June 1, 2025. Neither healthcare provider has verified the validity of the threat actors’ claims.

Author: Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com
