Hospital Caribbean Medical Center in Puerto Rico has suffered a significant ransomware attack, affecting up to 92,000 individuals. The incident was publicly disclosed on February 8, 2026, although the exact timing of the attack remains unclear. The hospital's monitoring systems detected the intrusion, prompting immediate actions to contain the breach and secure its IT infrastructure. The Gentlemen, a ransomware group, has claimed responsibility and threatened to release stolen data unless a ransom is paid.

The breach at Hospital Caribbean Medical Center is part of a series of recent data security incidents affecting healthcare facilities. Alongside this attack, Murray County Medical Center in Minnesota and Aligned Orthopedic Partners in Maryland have also reported data breaches. These incidents highlight the ongoing vulnerabilities in healthcare IT systems and the persistent threat posed by cybercriminals targeting sensitive patient information.

Technical details about the Hospital Caribbean Medical Center breach are limited, as the hospital has not specified the types of data exposed. However, the breach is listed on the HHS’ Office for Civil Rights breach portal, indicating its severity. The Gentlemen's claim of exfiltrating sensitive data, including patient information, underscores the potential risk to affected individuals.

The impact of these breaches is significant, with personal and medical information potentially compromised. In the case of Murray County Medical Center, exposed data included Social Security numbers, health insurance details, and medical histories. Aligned Orthopedic Partners reported similar data exposure, though the number of affected individuals is not yet confirmed.

In response to these incidents, affected healthcare facilities have taken steps to bolster their cybersecurity measures. Hospital Caribbean Medical Center has reinforced its monitoring systems and updated its security protocols. Individuals potentially impacted by these breaches are advised to remain vigilant, monitor their personal information for signs of misuse, and consider utilizing identity protection services offered by the affected institutions.

Source: https://www.hipaajournal.com/hospital-caribbean-medical-center-data-breach/