BayMark Health Services, a US healthcare provider specializing in treating substance abuse and mental health issues, fell victim to a cyberattack in September 2024, resulting in the theft of sensitive patient data. While the exact number of affected individuals remains undisclosed, the company confirmed the breach in a filing with the Attorney General of California. The unauthorized access by threat actors exposed a range of personal information, including Social Security numbers, driver’s license numbers, dates of birth, treatment details, and more, potentially putting patients at risk of identity theft and cybercrime.

Following an investigation, BayMark is taking steps to address the incident by offering free Equifax identity monitoring services for a year to impacted patients. Although the identity of the attackers was not disclosed by the company, it was revealed by BleepingComputer that the RansomHub ransomware gang claimed responsibility for the breach. The cybercriminals boasted about stealing 1.5TB of data from BayMark and published the information on a leak site. The emergence of RansomHub signals a concerning trend in ransomware activities, with this group being a newcomer following the notorious ALPHV group’s criminal activities.

In light of this breach, cybersecurity remains a critical concern for organizations and individuals alike. Stay informed about potential security threats, explore top antivirus tools available, and consider implementing effective endpoint protection solutions to safeguard your data and privacy.