Sandhills Medical Foundation Data Breach Investigation

‍

Pittman, Dutton, Hellums, Bradley & Mann, P.C. is investigating a major ransomware attack involving Sandhills Medical Foundation that impacted more than 169,000 patients and may have exposed sensitive personal and medical information.

Healthcare data breaches are particularly serious because they often involve highly sensitive health records in addition to personal identifying information. When this type of data is exposed, it can create long-term risks for affected individuals.

‍

What Happened?

Sandhills Medical Foundation, a federally qualified health center serving multiple counties in South Carolina, discovered a ransomware attack on May 8, 2025, after systems within its network were encrypted.

A subsequent forensic investigation determined that unauthorized access to its systems began several days earlier, around May 2, 2025. During that time, cybercriminals were able to access and remove files from the network before deploying ransomware.

The group believed to be responsible for the attack, INC Ransom, later claimed responsibility and published the stolen data online after an alleged ransom demand was not met.

‍

What Information Was Exposed?

According to available reports, the compromised data may include:

• Names
• Dates of birth
• Personal health information

Because medical data was involved, the risks extend beyond financial fraud and may include misuse of sensitive health records or identity-related issues.

‍

Notification and Response

Sandhills Medical Foundation began notifying affected individuals in late April 2026. The organization has stated that it has taken steps to improve its cybersecurity protections and prevent similar incidents in the future.

Affected individuals have been offered credit monitoring and identity protection services for a limited period.

‍

Laurel Eye Clinic Data Breach

A separate healthcare-related data breach has also been reported involving Laurel Eye Clinic and its affiliated entities, including Laurel Laser & Surgery Center and LaBrasca Plastic Surgery.

This incident was initially identified in January 2025, and an investigation later confirmed that unauthorized access resulted in the acquisition of certain files by a third party.

‍

What Information Was Involved?

The data exposed in this incident may include:

• Names
• Dates of birth
• Driver’s license numbers
• Usernames and passwords
• Medical and health insurance information

This combination of data significantly increases the risk of identity theft, financial fraud, and unauthorized access to accounts.

‍

Delayed Notification Concerns

Although the breach was identified in early 2025, notification letters were not sent to affected individuals until April 2026. This delay may have limited individuals’ ability to take immediate action to protect themselves.

Laurel Eye Clinic has stated that it has not identified confirmed misuse of the data at this time, but the absence of detected misuse does not eliminate the risk.

‍

Why These Breaches Matter

Data breaches involving healthcare providers are among the most serious types of cybersecurity incidents. Medical information cannot easily be changed like a password or credit card number, making it especially valuable to cybercriminals.

These incidents raise important questions about:

• How long unauthorized access went undetected
• Whether proper safeguards were in place
• Why notification took as long as it did
• What steps are being taken to prevent future breaches
  ‍

What You Should Do

If you believe your information may have been exposed in either of these incidents, you should take steps to protect yourself:

• Monitor financial accounts and medical billing statements
• Review your credit reports for suspicious activity
• Be cautious of phishing emails or unexpected communications
• Consider placing a fraud alert or credit freeze

‍

Contact Our Firm for a Free Consultation

Our firm is actively investigating these data breaches to determine whether affected individuals may be entitled to compensation.

If you received a notification or believe your information was exposed in the Sandhills Medical Foundation or Laurel Eye Clinic data breach, call (205) 322-8880 today for a free consultation.

There are no upfront costs. You pay nothing unless we recover compensation for you.

At Pittman, Dutton, Hellums, Bradley & Mann, P.C., our firm is committed to holding organizations accountable when they fail to protect sensitive information.

‍

‍