High Point Treatment Center Data Breach Exposes Social Security Numbers

On July 16, 2025, High Point Treatment Center, a Massachusetts-based hospital and health care provider, discovered a significant data breach affecting the personal information of thousands of individuals. The breach was the result of a ransomware attack carried out by the Abyss group, who claimed responsibility and posted about the incident on the dark web on July 26, 2025. According to Abyss, they obtained 1.8 terabytes of uncompressed data from High Point’s systems.

The breach exposed sensitive personally identifiable information (PII), including names, Social Security numbers and dates of birth. This information was collected as part of employment or prospective employment with High Point.

A total of 4,613 individuals in the United States were affected by the breach. The impact was most significant in Massachusetts, where 4,359 people were affected. In New Hampshire, 15 individuals were impacted, while four were affected in Maine.

The breach was officially disclosed to the Maine Attorney General on July 29, 2025, to the Massachusetts Attorney General on July 29, 2025, and to the New Hampshire Attorney General on Aug. 5, 2025.

The breach was severe due to the nature of the attack. The Abyss ransomware group not only accessed but also copied confidential data. The attack was first detected when High Point noticed unusual activity in its network on July 6, 2025. A comprehensive investigation, supported by legal counsel and third-party forensic specialists, determined that unauthorized individuals had viewed and copied sensitive information.

High Point Treatment Center’s response

To help protect those impacted, High Point is offering 24 months of complimentary single-bureau credit monitoring, credit reports and credit score services through Cyberscout, a TransUnion company specializing in fraud assistance and remediation. Individuals are encouraged to enroll in these services within 90 days of receiving their notification letter. The credit monitoring service provides alerts when changes occur to a person’s credit file, helping individuals detect any suspicious activity early.

High Point also recommends that those affected remain vigilant by regularly reviewing their account statements and credit reports for any unauthorized activity. They suggest placing a fraud alert or credit freeze on credit files if necessary, and provide detailed instructions and contact information for the three major credit bureaus in the notification letter. For further information or assistance, affected individuals can call the dedicated assistance line at 833-397-4692, Monday through Friday from 8 a.m. to 8 p.m. Eastern Time.