Spindletop Center Data Breach Exposes PII of 88,863 Individuals

On Nov. 28, 2025, Spindletop Center, a prominent community health organization based in Beaumont, Texas, reported a data breach that has affected 88,863 individuals to the U.S. Department of Health and Human Services. The breach was the result of a ransomware attack orchestrated by the RHYSIDA group, a well-known cybercriminal organization.

On Oct. 30, 2025, RHYSIDA claimed responsibility for the attack on a dark web forum, stating they had obtained data from Spindletop Center and threatening to publish it within a week. The attack was posted on the Tor network, a common platform for ransomware groups to publicize and monetize stolen data.

The breach involved the exposure of both personally identifiable information (PII) and protected health information (PHI). Exposed data included first and last names, Social Security numbers, driver’s license or government identification numbers, diagnosis information, and case numbers.

The company posted a notice of the incident to its website.

Spindletop Center's response

Spindletop Center promptly notified federal authorities and began working with cybersecurity experts to investigate the incident and secure its systems. They have also provided a detailed notice to consumers, outlining the types of information exposed and the steps individuals can take to protect themselves.

Given the severity of the breach and the involvement of ransomware, affected individuals are advised to remain vigilant for signs of identity theft or fraud. Recommended actions include monitoring credit reports, placing fraud alerts or security freezes with major credit bureaus, and being cautious of unsolicited communications that may attempt to use stolen information for phishing or other scams.

Anyone who believes their information may have been compromised should review the official consumer notice for specific guidance and resources.