Heart South Data Breach Affects 46k Patients

Heart South Cardiovascular Group, a medical practice specializing in cardiac and vascular care in Central Alabama, disclosed a data breach that affected approximately 46,666 individuals in the United States.

Heart South discovered the breach on Feb. 12, 2026, and began notifying consumers electronically on April 6, 2026. The breach was reported to the Maine Attorney General on Apr. 6, 2026.

Notably, Heart South Cardiovascular Group experienced a data breach that occured in May 2024. The breach detailed in this article is an additional, unrelated incident that occured in Nov. 2025.

What happened in the Heart South Cardiovascular Group data breach

On or about Nov. 11, 2025, Heart South learned that an unauthorized party claimed to possess the company's data. Upon learning of the issue, the company launched a forensic investigation with external cybersecurity professionals to determine the extent of the breach.

The investigation did not find evidence of unauthorized network access or data theft, according to the notification. However, the company discovered that the bad actor had recently posted a limited amount of Heart South data on the dark web.

On Feb. 12, 2026, Heart South determined that patient information was stored on the systems affected by the incident. The specific types of personal information potentially involved in the breach were not detailed in the available disclosure materials but may include sensitive personal and/or health records.

Heart South Cardiovascular Group's response to the breach

Heart South engaged external cybersecurity professionals to conduct a thorough forensic investigation. The company took steps to understand the scope of the incident and identify individuals who may have been affected.

Heart South is notifying all patients whose protected health information was stored in the affected areas of its networ. Notifications are being delivered electronically.

Heart South has arranged for complimentary identity monitoring services through Kroll for all affected individuals. These services include single bureau credit monitoring, fraud consultation, and identity theft restoration.

Heart South has also established a dedicated and confidential call center for individuals who have questions about the incident. The call center is available Monday through Friday, excluding holidays.

Steps to take if your information was exposed

• Place a fraud alert on credit files by contacting any one of the three major credit bureaus: Equifax (1-888-378-4329), Experian (1-888-397-3742) or TransUnion (1-800-680-7289), which will then notify the other two bureaus automatically.
• Consider placing a security freeze on credit files by contacting each of the three credit bureaus separately, which will prevent new accounts from being opened without express authorization.
• Request free credit reports at AnnualCreditReport.com and review them carefully for unfamiliar accounts or unauthorized inquiries.
• Review Explanation of Benefits statements from health insurers for services not received, and contact the insurer or care provider about any unrecognized items.
• Monitor financial account statements on a regular basis for any fraudulent or irregular activity, and report any suspicious charges to the financial institution immediately.
• Be cautious of phishing attempts that reference Heart South Cardiovascular Group or this data breach by name, as scammers often use breach notifications to trick people into revealing personal information.