Two healthcare providers have disclosed significant data breaches exposing sensitive patient information. All About Women's Care, an obstetrics and gynecology practice in Englewood, Colorado, reported that an unauthorized actor obtained employee VPN credentials and accessed its network, copying files containing data on approximately 12,000 patients. Mid-South Pulmonary Sleep Specialists, a pulmonary and sleep medicine practice in Memphis, Tennessee, detected suspicious network activity in November 2025 that resulted in unauthorized access and potential data theft, with the Anubis ransomware group later claiming responsibility.
The Colorado breach was discovered when All About Women's Care identified suspicious activity involving an employee VPN account. Third-party cybersecurity experts confirmed that an attacker had obtained valid credentials and used them to access the network environment. The practice completed its file review on June 5, 2026, determining the scope of compromised information. The Tennessee incident was detected on November 2, 2025, when Mid-South Pulmonary Sleep Specialists identified suspicious activity within its computer network and immediately secured the system with assistance from cybersecurity professionals.
The compromised data in both incidents includes highly sensitive personal and medical information. All About Women's Care confirmed that stolen files contained names, dates of birth, Social Security numbers, driver's license numbers, clinical treatment information, lab results, prescription details, medical documents, ultrasound images, passport copies, and health insurance information. Mid-South Pulmonary Sleep Specialists reported that exposed data varied by individual but may have included names, addresses, dates of birth, driver's license numbers, financial account information, health insurance details, medical diagnoses, treatment information, Medicare and Medicaid numbers, and Social Security numbers. The Anubis ransomware group added Mid-South to its data leak site in late November 2025 with samples of allegedly stolen patient data.
The breaches highlight ongoing vulnerabilities in healthcare IT security, particularly regarding credential theft and ransomware attacks. All About Women's Care has reported the incident to the Department of Health and Human Services Office for Civil Rights, confirming up to 12,000 affected patients. Mid-South Pulmonary Sleep Specialists completed its data review on May 18, 2026, though the total number of affected individuals has not yet been disclosed publicly, as the incident does not yet appear on the HHS breach portal.
Both practices are taking remedial steps and notifying affected patients. All About Women's Care is working with cybersecurity professionals to enhance security measures and reviewing its data privacy and security policies and procedures. Mid-South Pulmonary Sleep Specialists has notified regulators as required. Affected patients should monitor their accounts for suspicious activity, consider credit monitoring services, and remain vigilant for potential identity theft or fraud attempts using their compromised medical and financial information.
Source: https://www.hipaajournal.com/all-about-womens-care-data-breach/


