North Los Angeles County Regional Center has begun mailing breach notification letters to individuals affected by a ransomware attack first detected on November 28, 2024. The organization confirmed that unauthorized access occurred between November 20 and December 1, 2024, during which attackers exfiltrated sensitive data before deploying ransomware to encrypt files. The Medusa ransomware group claimed responsibility for the attack, alleging they stole over 600 gigabytes of data.
The compromised information includes a wide range of personal and medical data: names, addresses, dates of birth, Social Security numbers, passport numbers, driver's license numbers, financial account information, payment card data, health plan information, medical record numbers, lab results, medications, diagnoses, treatment information, and prescription details. The breach also exposed usernames and passwords, disability codes, and certificate or license numbers.
North Los Angeles County Regional Center initially announced the incident on its website on January 6, 2025, to allow affected individuals to take protective measures. However, the organization required additional time to complete a thorough review of the compromised data before issuing formal notification letters. The incident was reported to the Department of Health and Human Services Office for Civil Rights on January 6, 2025, with a placeholder figure of 500 affected individuals, though the actual number will be updated following the completed data review.
In a separate incident, Midland Care Connection, a Topeka, Kansas-based nonprofit healthcare provider, disclosed a cybersecurity breach detected on March 31, 2026. The investigation confirmed unauthorized network access beginning March 30, 2026, with the data review completed on June 12, 2026. The compromised information varied by individual but may include names, birth dates, medical treatment and health information, health insurance details, financial account information, and Social Security numbers for some victims.
North Los Angeles County Regional Center has implemented additional technical security measures and continues working with data security experts to strengthen system protections. Midland Care Connection has reviewed and enhanced its data privacy and security policies and is offering affected individuals 12 months of complimentary credit monitoring and identity theft protection services. Both organizations are working to prevent similar incidents in the future.
Source: https://www.hipaajournal.com/north-los-angeles-county-regional-center-ransomware-attack/


