Home
>
Data Breach>Rural Health Services

Rural Health Services Data Breach Exposes PII and PHI

Published
June 14, 2025
Updated
June 14, 2025
Rural Health Services Data Breach Exposes PII and PHI
Rural Health Services
Types of INFORMATION affected
  • Names
    Names
  • Social security numbers
    Social Security Numbers
  • Dates of birth
    Dates of Birth
  • Addresses
    Addresses
  • Government IDs
    Government IDs
  • Medical Information
    Medical Info
  • Financial Info
    Financial Info

Affected by the

Rural Health Services

data breach?

Join the Lawsuit

It's free to join. 

Rural Health Services, a healthcare provider serving rural communities in South Carolina, has experienced a data breach. An investigation revealed that an unauthorized actor accessed the Rural Health Services network between January 15, 2025, to February 13, 2025.

The breach involved a ransomware attack carried out by the MEDUSA group. According to dark web sources, MEDUSA claimed responsibility for the cybersecurity incident, threatening to publish the stolen data within a week and sharing sample screenshots on the Tor network.

The data breach compromised both personally identifiable information (PII) and protected health information (PHI). Exposed information may include date of birth, Social Security number, driver’s license number, passport number, financial account number, medical history, mental and physical treatment information, diagnosis information, prescription information, treating/referring physician, patient number, Medicare/Medicaid information and health insurance information including policy number, member ID, and/or group number.

Rural Health Services disclosed the data breach to the Massachusetts Attorney General's office on June 12, 2025, reporting two Massachusetts residents affected. Rural Health Services published an updated Notice of Data Security Incident on its own website on June 13, 2025.

Rural Health Services' response

Rural Health Services launched an investigation and contacted law enforcement. Affected individuals were notified by mail on or about June 13, 2025.

If you receive a data breach notification from Rural Health Services, you may want to:

  • Sign up for any free credit monitoring or identity theft services, if offered.
  • Monitor your credit reports and financial accounts for any unusual activity.
  • Be alert for phishing emails or phone calls that may use your exposed information.
  • Consider placing a fraud alert or credit freeze with major credit bureaus.

Rural Health Services has set up a dedicated response line for affected individuals at 877-423-3139, 9:00 am to 9:00 pm ET.

For more information, visit the Rural Health Services website.

Notice Letter

This browser does not support inline PDFs. Please download the PDF to view it: Download PDF

Sources

Disclosures

Breach Summary

Affected Entity
Rural Health Services
Consumers Notification date
Date of Breach
Breach Discovered Date
Total People Affected
Information Types Exposed
  • date of birth
  • Social Security number
  • driver’s license number
  • passport number
  • financial account number
  • medical history
  • mental and physical treatment information
  • diagnosis information
  • prescription information
  • treating/referring physician

Data Breach Settlements

SMART $945,000 Data Breach Class Action Settlement
Aven Financial Inc. $450K Data Breach Settlement
Estrella Insurance Data Breach Class Action Settlement
Sysco Corp. $2.3M Data Breach Class Action Settlement
New Horizons Medical Data Breach Class Action Settlement
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image

What to Read Next

AltaMed Data Breach Exposes SSNs and Protected Health Info
June 15, 2025
AltaMed Data Breach Exposes SSNs and Protected Health Info
Mount Rogers Data Breach Affects Patients and Employees
June 14, 2025
Mount Rogers Data Breach Affects Patients and Employees
Arkansas Urology Data Breach Affects Patient Info
June 14, 2025
Arkansas Urology Data Breach Affects Patient Info
McKenzie Memorial Breach Exposes PII and PHI Data
June 13, 2025
McKenzie Memorial Breach Exposes PII and PHI Data