Small Georgia Medical Practice Closes Due to Cyberattack
A small medical practice in Alpharetta, Georgia, has been forced to close its doors due to a ransomware attack. Alpha Wellness and Alpha Medical Centre detected unusual network activity on February 3, 2025, and immediately launched an investigation. Third-party cybersecurity experts were engaged to assist and help determine the nature and scope of the unauthorized activity.
The investigation confirmed that patient data had been exposed and may have been exfiltrated from the network. The compromised information included names, addresses, email addresses, phone numbers, health insurance information, and medical appointment information.
Ascension Health Services LLC dba Alpha Wellness and Alpha Medical Centre recently reported the data breach to the HHS’ Office for Civil Rights as affecting 1,714 individuals. Those individuals have been advised to monitor their accounts and credit reports for unauthorized activity over the following 24 months. At the time of issuing notification letters, no misuse of patient data had been identified.
This appears to have been a ransomware attack by the RansomHub ransomware group. RansomHub added Alpha Wellness and Alpha Medical Centre to its dark web data leak site, along with samples of the stolen data. RansomHub ceased operations on March 3, 2025.
Get The FREE
HIPAA Compliance Checklist
Immediate Delivery of Checklist Link To Your Email Address
Please Enter Correct Email Address
Your Privacy Respected
HIPAA Journal Privacy Policy
“We are deeply saddened to share that Alpha Medical Centre has been the victim of a serious cybersecurity attack. As a result of this criminal act and its devastating impact, we have no choice but to close the practice. Our last day seeing patients will be Friday, April 18,” explained Dr. Singh and the Alpha Medical Centre Team in a website notice. “Thank you for allowing us to serve you and the Alpharetta community for the past 12+ years. We wish you all the best of health moving forward.”
Mid America Physician Services, Missouri
The Kansas City, MO-based women’s healthcare provider Mid America Physician Services (MAPS) is notifying patients about a network security incident that exposed their names, addresses, dates of birth, medical treatment information, billing information, and health insurance information.
Suspicious network activity was identified on or around November 14, 2024. Third-party cybersecurity experts were engaged to investigate the activity and confirmed on May 8, 2025, that patient data had been exposed and potentially stolen.
Notification letters were mailed to the affected individuals on July 15, 2025. The incident has yet to appear on the HHS’ Office for Civil Rights website, so it is unclear how many individuals have been affected.
