Anchorage Neighborhood Health Center (ANHC), a Federally Qualified Health Center in Alaska, suffered a ransomware attack in September 2025, where an unauthorized actor breached its network. An anonymous ransomware group claimed responsibility, asserting they exfiltrated over 10,000 files containing sensitive patient records of up to 60,000 individuals. The exposed data includes names, contact details, dates of birth, Social Security numbers, dependent information, health insurance details, medical records, and financial account information. The breach poses severe risks, including identity theft, financial fraud, and unauthorized medical data exposure, with potential long-term consequences for affected individuals. ANHC has not confirmed the full scope, but the incident has triggered legal investigations, with law firms like Shamis & Gentile P.A. pursuing class-action lawsuits for compensation. Victims are advised to monitor accounts, enroll in credit protection, and seek legal recourse. The attack disrupts trust in ANHC’s data security and may lead to regulatory penalties under HIPAA or other privacy laws.
Source: https://www.claimdepot.com/investigations/anchorage-neighborhood-health-center-data-breach-2025
TPRM report: https://www.rankiteo.com/company/anchorage-neighborhood-health-center-inc.
"id": "anc5203352092425",
"linkid": "anchorage-neighborhood-health-center-inc.",
"type": "Ransomware",
"date": "5/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"{'affected_entities': [{'customers_affected': 'Up to 60,000 individuals',
'industry': 'Healthcare',
'location': 'Anchorage, Alaska, USA',
'name': 'Anchorage Neighborhood Health Center (ANHC)',
'size': 'One of the largest health centers in Alaska '
'(serving ~60,000 individuals)',
'type': 'Federally Qualified Health Center'}],
'customer_advisories': 'Public notification issued; patients urged to review '
'letters and take protective actions',
'data_breach': {'data_exfiltration': 'Claimed by threat actor',
'file_types_exposed': ['Patient records',
'Medical files',
'Financial documents'],
'number_of_records_exposed': 'Up to 60,000 individuals; over '
'10,000 files',
'personally_identifiable_information': ['Name',
'Contact information',
'Date of birth',
'Social Security '
'number',
'Dependent '
'information',
'Health insurance '
'details'],
'sensitivity_of_data': 'High (includes SSNs, medical records, '
'financial data)',
'type_of_data_compromised': ['Personally Identifiable '
'Information (PII)',
'Protected Health Information '
'(PHI)',
'Financial data']},
'date_detected': '2025-09',
'date_publicly_disclosed': '2025-09',
'description': 'Anchorage Neighborhood Health Center (ANHC), a Federally '
'Qualified Health Center in Alaska, experienced a major '
'cyberattack in September 2025. An unauthorized actor gained '
'access to its network, and an anonymous ransomware group '
'claimed responsibility, asserting they hacked over 10,000 '
'files containing patient records of up to 60,000 individuals. '
'Sensitive personally identifiable information (PII), '
'including names, contact details, Social Security numbers, '
'medical records, and financial data, may have been exposed.',
'impact': {'brand_reputation_impact': 'Potential reputational damage due to '
'exposure of sensitive patient data',
'data_compromised': ['Name',
'Contact information',
'Date of birth',
'Social Security information',
'Dependent information',
'Health insurance information',
'Medical records',
'Financial account information'],
'identity_theft_risk': 'High (due to exposure of SSNs, financial, '
'and medical data)',
'legal_liabilities': 'Potential lawsuits and compensation claims '
'from affected individuals',
'payment_information_risk': 'High (financial account information '
'exposed)'},
'initial_access_broker': {'high_value_targets': ['Patient records',
'Medical data',
'Financial information']},
'investigation_status': 'Ongoing (led by Shamis & Gentile P.A.; ANHC has not '
'confirmed full scope)',
'ransomware': {'data_exfiltration': 'Claimed by threat actor'},
'recommendations': ['Monitor financial accounts for suspicious activity',
'Enroll in free credit monitoring/identity protection if '
'offered',
'Place fraud alerts on credit reports',
'Review notification letters from ANHC',
'Seek legal counsel for compensation claims'],
'references': [{'source': 'Shamis & Gentile P.A. Investigation Notice'}],
'regulatory_compliance': {'legal_actions': 'Potential class-action lawsuits '
'(investigation ongoing by Shamis '
'& Gentile P.A.)'},
'response': {'communication_strategy': 'Public announcement; advisories for '
'patients to monitor accounts, enroll '
'in credit monitoring, and seek legal '
'help'},
'stakeholder_advisories': 'Patients advised to monitor accounts, enroll in '
'credit services, and seek legal help',
'threat_actor': 'Anonymous ransomware group',
'title': 'Anchorage Neighborhood Health Center (ANHC) Data Breach',
'type': ['Data Breach', 'Ransomware Attack']}