Rural Health Services Data Breach Affects 32,948 in South Carolina

Published

June 14, 2025

Updated

August 20, 2025

Rural Health Services

Types of INFORMATION affected

Names
Social Security Numbers
Dates of Birth
Addresses
Government IDs
Medical Info
Financial Info

Rural Health Services, a healthcare provider serving rural communities in South Carolina, has experienced a data breach. An investigation revealed that an unauthorized actor accessed the Rural Health Services network between January 15, 2025, to February 13, 2025. A total of 32,948 people have been affected in South Carolina alone, according to a disclosure made to the state's attorneys general's office.

The breach involved a ransomware attack carried out by the MEDUSA group. According to dark web sources, MEDUSA claimed responsibility for the cybersecurity incident, threatening to publish the stolen data within a week and sharing sample screenshots on the Tor network.

The data breach compromised both personally identifiable information (PII) and protected health information (PHI). Exposed information may include date of birth, Social Security number, driver’s license number, passport number, financial account number, medical history, mental and physical treatment information, diagnosis information, prescription information, treating/referring physician, patient number, Medicare/Medicaid information and health insurance information including policy number, member ID, and/or group number.

Rural Health Services disclosed the data breach to the U.S. Department of Health and Human Services on June 12, 2025, reporting a total of 36,542 individuals affected.

Rural Health Services also disclosed the data breach to the Massachusetts Attorney General's office on June 12, 2025, reporting two Massachusetts residents affected. Rural Health Services published an updated Notice of Data Security Incident on its own website on June 13, 2025.

Rural Health Services' response

Rural Health Services launched an investigation and contacted law enforcement. Affected individuals were notified by mail on or about June 13, 2025.

If you receive a data breach notification from Rural Health Services, you may want to:

Sign up for any free credit monitoring or identity theft services, if offered.
Monitor your credit reports and financial accounts for any unusual activity.
Be alert for phishing emails or phone calls that may use your exposed information.
Consider placing a fraud alert or credit freeze with major credit bureaus.

Rural Health Services has set up a dedicated response line for affected individuals at 877-423-3139, 9:00 am to 9:00 pm ET.

For more information, visit the Rural Health Services website.

Protect Your Data

A breach notice means your personal details could be circulating far beyond the organization involved. One practical step is continuous monitoring: services such as Identity Defender (included with an ExpressVPN subscription) can automatically check dark-web markets, flag new credit-file activity, and request removal of your information from data-broker sites.

This kind of “early-warning system” can’t undo a breach, but it can help you spot misuse quickly and limit further exposure. ExpressVPN is offering 61% off, risk-free for 30 days, with ID Theft Insurance included and no extra cost for those who sign up for one or two years.