Myrtue Medical Center Data Breach: 1.2TB of Data Stolen

On June 13, 2025, Myrtue Medical Center detected suspicious activity on its computer systems, indicating a significant data breach. According to the hospital, an unauthorized party gained access to its network, prompting immediate action to secure their systems and launch an investigation with the help of a specialized third-party cybersecurity firm.

While the forensic investigation is ongoing, a threat actor known as "Worldleaks" claimed responsibility for the breach, posting on the Tor network on June 24, 2025. The group alleges it accessed and exfiltrated 1.2 terabytes of data, including 806,625 files.

At this stage, Myrtue Medical Center has not confirmed the exact number of individuals affected or the specific types of information exposed. However, the hospital has stated that it is in the process of identifying all impacted individuals and the nature of the compromised data.

The severity of the breach is underscored by the large volume of data claimed to be stolen and the involvement of a known threat actor. The method of attack has not been publicly disclosed, but the immediate detection of suspicious activity suggests that the breach may have involved unauthorized remote access or compromised credentials.

For more information, you can review the full notice provided by the hospital in their official data breach disclosure.

Myrtue Medical Center's response

Myrtue Medical Center responded promptly upon discovering the incident by strengthening the security of its systems, disconnecting remote access to its network, changing administrative credentials, and enhancing security measures overall. The organization engaged a third-party cybersecurity firm to conduct a comprehensive forensic investigation, which is still underway. The hospital is also working to identify all affected individuals and the types of information that may have been exposed.

If you are concerned that your information may have been involved, Myrtue Medical Center encourages you to monitor your financial accounts and credit reports for unauthorized activity. Consider placing a fraud alert or credit freeze with the three major credit bureaus: Equifax, Experian, and TransUnion. You can obtain a free credit report at AnnualCreditReport.com and find additional resources on identity theft prevention at the Federal Trade Commission’s website.

The hospital has established a dedicated toll-free hotline for questions or concerns: 866-905-8124, available Monday through Friday from 9:00 a.m. to 9:00 p.m. Central Standard Time (excluding U.S. national holidays). Written notices will be sent via U.S. mail to all impacted individuals once the investigation is complete.

For more information about Myrtue Medical Center and its services, visit the Myrtue Medical Center website.