Patient data has potentially been compromised in data incidents at Southern Illinois Dermatology and Heart South Cardiovascular Group in Alabama.
Southern Illinois Dermatology and Heart South Cardiovascular Group have disclosed separate data security incidents that may have compromised sensitive patient information, underscoring the growing cybersecurity challenges facing healthcare providers. Both organizations initiated investigations with the support of third-party cybersecurity experts and have begun notifying affected individuals.
Southern Illinois Dermatology, based in Illinois, identified suspicious activity within its network on November 28, 2025. A subsequent investigation confirmed that an unauthorized party gained access to certain systems where patient data was stored, and files may have been copied. The potentially exposed information includes highly sensitive personal and protected health data such as names, addresses, dates of birth, Social Security numbers, contact details, and medical record numbers. The exact data involved varies by individual. Notification letters were mailed to affected patients starting April 2, 2026.
Although the organization has not officially attributed the attack, the Insomnia threat group has claimed responsibility, alleging that it obtained data belonging to more than 150,000 patients. The group reportedly published samples of the stolen data on its leak site and later released the full dataset. In response, Southern Illinois Dermatology stated that it has taken steps to enhance its cybersecurity posture and continues to review and strengthen its data protection measures.
In a separate incident, Heart South Cardiovascular Group, which operates cardiac care centers across Alabama, reported a potential data breach affecting up to 46,666 individuals. The organization became aware of the issue on November 11, 2025, after a threat actor claimed to possess sensitive data linked to its systems. While an internal investigation found no definitive evidence of unauthorized network access or data exfiltration, it confirmed that a limited dataset associated with Heart South had been posted online.
A comprehensive review to identify potentially impacted individuals was completed on February 12, 2026. As a precautionary measure, Heart South notified all individuals whose data was stored on the affected systems and is offering complimentary credit monitoring and identity theft protection services. The Rhysida threat group has claimed responsibility for the incident.
These incidents highlight the persistent risks to healthcare data, particularly as threat actors increasingly target organizations that store large volumes of sensitive patient information. The exposure of personal and medical data not only raises concerns around privacy but also increases the risk of identity theft and financial fraud, reinforcing the need for continuous investment in cybersecurity defenses across the healthcare sector.
Recommended Cyber Technology News :
- Hims & Hers Data Breach Raises Telehealth Security Risks
- Check City Data Breach Impacts 322K Users
- Data Breach Settlement: Cardiovascular Pays $3.85M
To participate in our interviews, please write to our CyberTech Media Room at info@intentamplify.com
