OB-GYN Associates Suffers Major Ransomware Attack

On Aug. 7, 2025, OB-GYN Associates detected a significant network security incident involving unauthorized access to its systems. The attack was later confirmed to be a ransomware incident attributed to the threat actor INC RANSOM, who publicly claimed responsibility on the dark web on Aug. 30, 2025. According to disclosures filed with the Montana Attorney General and the New Hampshire Attorney General, the breach resulted in the compromise of sensitive personal information.

The types of information exposed include first and last names, Social Security numbers, driver’s license numbers, bank account numbers and routing numbers. This is all considered personally identifiable information (PII). There is no indication that protected health information (PHI) was involved, though the exposed data is highly sensitive and could be used for identity theft or financial fraud.

The breach impacted a small number of individuals in the states where disclosures have been made: two people in Montana and one in New Hampshire. However, the notification letters indicate that all OB-GYN Associates employees whose information may have been involved were notified out of caution. The company has not reported any evidence of misuse of the compromised data as of this writing.

The severity of the breach is heightened by the nature of the attack—a ransomware event in which files were acquired by an unauthorized third party. The attackers not only accessed but also exfiltrated sensitive information, increasing the risk to affected individuals.

OB-GYN Associates's response

Upon discovery of the incident, OB-GYN Associates immediately engaged third-party forensic specialists to investigate and secure their network. The company wiped and rebuilt affected systems, implemented stronger password requirements, and enabled multi-factor authentication to bolster security. They also notified the FBI and are cooperating with the ongoing investigation.

For those affected, OB-GYN Associates is offering 12 months of free credit monitoring, credit reports, and credit score services through Cyberscout, a TransUnion company. This includes proactive fraud assistance and identity theft recovery support. Impacted individuals are encouraged to enroll in these services within 90 days of receiving their notification letter. The company’s notification letters provide detailed instructions for enrollment and a dedicated helpline for questions.

Given the nature of the breach and the information involved, affected individuals should remain vigilant by regularly monitoring their credit reports and financial accounts for suspicious activity. It is also advisable to consider placing a security freeze or fraud alert on credit files. Additional information about these protective measures is included in the consumer notice and available from the major credit bureaus.

About OB-GYN Associates

OB-GYN Associates is a women’s health practice specializing in obstetrics and gynecology, with locations across the United States. These clinics focus on comprehensive care for women at all stages of life, offering services such as prenatal and postpartum care, gynecology, infertility evaluation, and advanced diagnostics. OB-GYN Associates is known for its personalized, compassionate approach and employs board-certified providers supported by modern medical technology. More information about their services and locations can be found on the OB-GYN Associates website.

For full details, including the official notice to consumers and the company’s response, see the filings with the Montana Attorney General and New Hampshire Attorney General.

The official notice to consumers is included in PDF format at the bottom of this page.