Coos County Health Breach Impacts 40,185 Individuals

Coos County Family Health Services, a health care provider in New Hampshire, experienced a cyberattack that impacted 40,185 current and former patients. On July 9, 2025, the practice detected suspicious activity within it's internal network. An investigation took place and revealed that an unauthorized actor gained access to systems and may have viewed or copied sensitive data.

On Aug. 12, 2025, a review determined that the compromised files contained both personally identifiable information (PII) and protected health information (PHI) belonging to patients. Exposed information included names, dates of birth, contact information, Social Security numbers, medical identification numbers and medical information.

On Aug. 13, 2025, the ransomware group known as Run Some Wares claimed responsibility for the attack, stating on a dark web forum that they had obtained data from Coos County Family Health Services. The group’s claim was posted on the Tor network, further confirming the cybercriminal nature of the incident.

The data breach was disclosed to the U.S. Department of Health and Human Services on Sept. 5, 2025. Coos County Family Health Services began notifying impacted individuals by mail on Oct. 8, 2025. The healthcare organization also published a Notice of Privacy Incident on its website.

The incident was also reported to Maine Attorney General’s office and the Massachusetts Attorney General’s office on Oct. 9, 2025. Affected individuals includes 1,222 Maine residents and 365 in Massachusetts.

Coos County Family Health Services' response

After discovering the breach, Coos County Family Health Services took steps to secure its systems and notified law enforcement. The company is also offering current and former patients impacted by the breach 12 months of free TransUnion Cyberscout single-bureau credit monitoring and identity protection services.

If you receive notification from Coos County Family Health Services about this breach, you may want to:

• Sign up for the free credit monitoring and identity protection services, offered by the medical practice.
• Monitor your credit reports and financial accounts for any unusual activity.
• Be alert for phishing emails or phone calls that may use your exposed information.
• Consider placing a fraud alert or credit freeze with major credit bureaus.

More information about the medical group can be found on the Coos County Family Health Services website.