Madison Healthcare Confirms Data Breach After Ransomware Attack

Between July and August 2025, Minnesota's Madison Healthcare Services experienced a data breach impacting the personal information of people in its database. The breach was first made public when a threat actor known as Worldleaks claimed responsibility and posted about the incident on the Tor network on Sept. 23, 2025.

The breach was disclosed to the U.S. Department of Health and Human Services on Dec. 2, 2025, with a placeholder value of 500 people affected.

While the specific data types exposed have not been detailed in the public disclosures, healthcare data breaches of this nature often involve names, addresses, dates of birth, Social Security numbers, medical record numbers, health insurance details, and clinical information.

The severity of this breach is heightened by the fact that the attackers not only accessed sensitive data but also publicly claimed to have leaked it on the dark web. This increases the risk of identity theft and fraud for those affected.

Madison Healthcare Services's response

After discovering the breach, Madison Healthcare Services conducted an investigation and notified affected individuals. The company posted a consumer notice outlining the incident and recommended steps for those whose information may have been exposed.

Given the nature of the breach and the involvement of a dark web posting, those affected should consider placing a fraud alert or credit freeze with the major credit bureaus. It is also recommended to change passwords for online accounts, especially those related to healthcare or financial services, and to be cautious of unsolicited communications that request personal information.