MediSecure Health Network Exposes 14 Million Patient Records in Catastrophic Data Breach

A ransomware-linked breach at MediSecure Health Network has exposed the personal health information of over 14 million patients across 38 US states. The attack, attributed to the BlackSuit ransomware group, compromised EHR databases containing Social Security numbers, diagnoses, and insurance data.

via BleepingComputer·January 14, 2025·2h ago

SHARE:𝕏 IN

#healthcare#HIPAA#ransomware#BlackSuit#data breach

A sweeping data breach at MediSecure Health Network has resulted in the unauthorized exposure of personal and medical records belonging to more than 14 million patients. The breach spans 38 states and affects anyone who received care at a MediSecure facility between 2019 and early 2025.

What Was Exposed

Compromised data includes full names, dates of birth, Social Security numbers, home addresses, health insurance policy numbers, diagnoses, treatment records, prescription histories, and financial account details. MediSecure confirmed that attackers accessed its primary electronic health record platform, MediCore EHR, as well as a secondary patient scheduling database.

Attribution and Attack Vector

Mandiant, engaged to lead the forensic investigation, has attributed the breach to the BlackSuit ransomware group—a successor to the Royal ransomware gang, which evolved from Conti. Initial access was gained through a phishing email targeting a privileged IT administrator in February 2025. Attackers maintained persistent access for approximately 47 days before encrypting systems and exfiltrating data.

The Ransom Demand

BlackSuit demanded $22 million in Bitcoin. MediSecure has stated publicly it did not pay the ransom. Approximately 1.2 million records were subsequently published on BlackSuit's dark web leak site as retaliation.

Regulatory and Legal Fallout

The Department of Health and Human Services' Office for Civil Rights (OCR) has opened a formal HIPAA investigation. At least four class-action lawsuits were filed within 48 hours. MediSecure faces potential penalties that attorneys estimate could exceed $100 million under HIPAA's tiered penalty structure.

What Patients Should Do

MediSecure is offering 24 months of free credit monitoring through Experian. Patients are advised to monitor Explanation of Benefits statements for fraudulent claims, place fraud alerts with all three major credit bureaus, and be vigilant for targeted phishing campaigns leveraging the exposed health data.

Industry Implications

This is the largest US healthcare data breach since Change Healthcare in 2024. Security researchers warn healthcare remains the most-targeted sector due to the high black-market value of medical records—typically ten times more valuable than credit card data—and historically underinvested cybersecurity budgets.

Source attribution: via BleepingComputer. HackWire aggregates and contextualizes publicly reported cybersecurity news for informational purposes.