Artemis Healthcare Falls Victim to Ransomware Attack
Tennessee-based Artemis Healthcare has experienced a ransomware attack involving data theft, and email account breaches have been announced by Greater St. Louis Oral & Maxillofacial Surgery in Missouri and St. John’s Riverside Hospital in New York.
Artemis Healthcare, Tennessee
Artemis Healthcare in Nashville, Tennessee, has recently announced a data security incident that was identified on May 31, 2025. According to the notification sent to the Vermont Attorney General, Artemis Healthcare confirmed that it was the target of a ransomware group, which accessed its network from May 5, 2025, to May 31, 2025.
The investigation confirmed on September 12, 2025, that the ransomware group accessed personally identifiable and protected health information, including names, addresses, dates of birth, Social Security numbers, and health information. The Crypto24 ransomware group took responsibility for the attack and claimed on its dark web data leak site to have exfiltrated 1 terabyte of data, including image files for millions of patients. The stolen data has been leaked, indicating the ransom was not paid.
Artemis Healthcare said it has updated its security policies and procedures and provided additional training to its workforce to prevent similar incidents in the future. The HHS’ Office for Civil Rights breach portal shows 45867 had their protected health information exposed in the incident.
Get The FREE
HIPAA Compliance Checklist
Immediate Delivery of Checklist Link To Your Email Address
Please Enter Correct Email Address
Your Privacy Respected
HIPAA Journal Privacy Policy
Greater St. Louis Oral & Maxillofacial Surgery, Missouri
Greater St. Louis Oral & Maxillofacial Surgery in Missouri has announced a recent data breach involving unauthorized access to an employee’s email account. The email account breach was detected in October 2025, and the investigation confirmed that an unauthorized third party accessed the account after the employee responded to a phishing email and disclosed their credentials. When suspicious activity was identified in the account, the account password was promptly reset, session tokens were revoked, and multifactor authentication was reset. Third-party cybersecurity experts were engaged to investigate the incident and confirm the security of the email environment.
The email account is still being reviewed, but it has been confirmed that the data exposed in the incident included names, telephone numbers, dates of service, treatment codes, brief descriptions of treatment, and health insurance information. The data breach has been reported to the HHS’ Office for Civil Rights, using an interim total of at least 501 individuals. The total will be updated and notifications issued when the review process is concluded.
St. John’s Riverside Hospital, New York
St. John’s Riverside Hospital in Yonkers, New York, has announced a data breach affecting 2,238 individuals. In September 2025, suspicious activity was identified in the email accounts of certain employees. Immediate action was taken to secure the accounts, and third-party cybersecurity professionals were engaged to investigate the incident. The affected accounts were found to contain patient information such as names, dates of birth, Social Security numbers, driver’s license or state identification numbers, financial account numbers, health insurance information, medical condition information, treatment provider names, medical record numbers, treatment cost information, diagnoses, and/or treatment information.
St. John’s Riverside Hospital said it has not identified any misuse of the exposed information and that the aim of the attack appears to have been to reroute payment funds and send further phishing emails, rather than to obtain patient data; however, the affected individuals have been advised to remain vigilant against identity theft and fraud.
