Mainline Health Systems Reports 101,000-Record Data Breach
Data breaches have been confirmed by Mainline Health Systems, Tallahassee Memorial Healthcare, Rural Health Services, Marquette County Medical Care Facility, Cardiology Associates of Fredericksburg, and AltaMed Health Services Corporation.
Mainline Health Systems, Arkansas
Mainline Health Systems, a Monticello-based medical and dental care provider serving communities in Southeast Arkansas, has recently notified the Maine Attorney General about an April 2024 security incident that involved unauthorized access to systems containing the personal and protected health information of 101,104 individuals.
The network intrusion was detected on April 10, 2024; however, it has taken 14 months for individual notification letters to be sent to the affected individuals. Mainline Health Systems started sending consumer notifications on June 20, 2025. According to the notification letters, law enforcement was notified about the intrusion soon after it was discovered, and third-party cybersecurity experts were engaged to investigate the incident and determine the extent of the compromise.
A file review was conducted to determine the individuals affected and the types of data involved, and that process was completed on May 21, 2025. Information compromised in the incident includes full names plus one or more of the following: date of birth, Social Security number, driver’s license number, financial account numbers and access information, payment cared numbers and access information, medical record numbers, patient ID, Medicaid number, health insurance information, diagnoses and treatment/procedure information, prescription information, clinical information, and provider name and location.
Get The FREE
HIPAA Compliance Checklist
Immediate Delivery of Checklist Link To Your Email Address
Please Enter Correct Email Address
Your Privacy Respected
HIPAA Journal Privacy Policy
At the time of issuing notifications, Mainline Health Systems was unaware of any misuse of the affected data. As a precaution against data misuse, individuals who had their Social Security numbers compromised in the incident have been offered complimentary credit monitoring services.
Tallahassee Memorial Healthcare, Florida
Tallahassee Memorial Healthcare in Florida has recently announced that it was affected by a hacking incident at Oracle Health. Tallahassee Memorial Healthcare was recently notified by Oracle Health that it had been affected and has confirmed that patient data was compromised in the incident.
The breach was limited to legacy Cerner servers, and its electronic medical record system was not affected. The unauthorized access started on January 22, 2025, and Tallahassee Memorial Healthcare was notified by Oracle Health on March 13, 2025, that patient data may have been exposed. Notification letters started to be mailed to the affected patients on June 13, 2025. It is currently unclear what data was compromised and how many individuals have been affected.
Rural Health Services, South Carolina
Rural Health Services, a primary healthcare provider serving patients in Aiken County, South Carolina, has notified 36,542 patients about a recent security breach. Unauthorized network access was identified, and the forensic investigation confirmed that an unauthorized third party had access to its network between January 15, 2025, and February 3, 2025.
While no evidence was found to indicate that any patient data had been misused, files containing patient information were exposed and may have been copied from the network. The file review confirmed that first and last names were compromised in combination with one or more of the following: date of birth, Social Security number, driver’s license number, passport number, financial account number, medical history, mental and physical treatment information, diagnosis information, prescription information, treating/referring physician, patient number, Medicare/Medicaid information, and health insurance information including policy number, member ID, and/or group number.
Marquette County Medical Care Facility, Michigan
Marquette County Medical Care Facility (MCMCF) in Ishpeming, Michigan, has announced that patient data may have been compromised in a recent business email compromise (BEC) attack. A threat actor gained access to the Microsoft Office 365 account of the human resources director, and the account was used to send phishing emails to contacts.
The compromised Microsoft Office 365 account has been secured, and all active logins have been terminated, with multifactor authentication now implemented on the account. The account has been reviewed and found to include sensitive information such as names, Social Security numbers, birth dates, bank details, and protected health information. MCMCF engaged third-party cybersecurity experts to conduct a full review of system security and security practices, and enhanced security protocols are being implemented. It is currently unclear how many individuals have been affected.
Cardiology Associates of Fredericksburg, Virginia
Cardiology Associates of Fredericksburg in Virginia has recently announced a security breach that potentially involved unauthorized access to patient data. Suspicious network activity was identified on February 17, 2025, and an investigation was launched to determine the nature and scope of the activity. Third-party cybersecurity experts were engaged to assist with the investigation and data review.
On June 10, 2025, it was confirmed that patient data had been exposed and may have been acquired. The exposed data varied from individual to individual and may have included patient names in combination with one or more of the following: address, email address, phone number, date of birth, date of service, cost of service, medical diagnosis and treatment information, health insurance information, and in a limited set of circumstances Social Security number. Privacy and security policies and procedures are being reviewed and enhanced, and notification letters have been mailed to the affected individuals.
The Massachusetts Attorney General was informed that 51 state residents had their data exposed in the incident, but it is unclear how many individuals in other states have been affected.
AltaMed Health Services Corporation, California
AltaMed Health Services Corporation, a provider of managed care services to members enrolled in the Medi-Cal program in Southern California, has notified the HHS’ Office for Civil Rights about a data breach affecting 4,530 individuals. Suspicious activity was identified within its email environment on August 9, 2024, and immediate action was taken to prevent further access. The forensic investigation confirmed that an unauthorized third party had access to an employee’s email account between August 5 and August 9, 2024, and may have viewed or copied patient data.
The email account review was concluded on April 16, 2025, when it was confirmed that protected health information had been exposed. The exposed data varied from individual to individual and may have included names in combination with one or more of the following: date of birth, Social Security number, driver’s license number/state license number, passport number, foreign national ID number, personal email, personal telephone, medical record number, Medicare/Medicaid ID, medical billing information, doctor/provider name, date(s) of service, payment for health services, medical history, medical treatment information, mental or physical condition or diagnosis, procedure information, COVID-19 test result/vaccination status, prescription information, incidental health reference, health insurance policy number, other health insurance information, handwritten or digital signature, genetic data, mother’s maiden name, and username and password.
