Aspire Rural Health System, a healthcare provider serving the Thumb region, experienced a **data security breach** where an unauthorized party accessed its internal network between **November 4, 2024, and January 6, 2025**. The breach was detected later, and an investigation confirmed that **personally identifiable information (PII) and protected health information (PHI)** of a limited number of individuals was compromised. Exposed data included **names, Social Security numbers, financial account details, medical records (diagnoses, prescriptions, lab results), health insurance information, payment card details (numbers, PINs, expiration dates), driver’s license numbers, biometric identifiers, usernames/passwords, and passport numbers**.While Aspire stated there is **no evidence of financial fraud or identity theft** linked to the incident, the scope of exposed data is severe, encompassing highly sensitive personal and medical information. Notification letters were sent to affected individuals in **August 2025**, and complimentary credit monitoring was offered to those with exposed Social Security numbers. The **Epic EMR system remained unaffected**, but the breach poses significant risks due to the **breadth of compromised data**, including credentials and financial records.
Source: https://sanilaccountynews.mihomepaper.com/articles/aspire-reports-security-breach/
TPRM report: https://www.rankiteo.com/company/aspire-rural-health-system
"id": "asp0733007091025",
"linkid": "aspire-rural-health-system",
"type": "Breach",
"date": "11/2024",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"{'affected_entities': [{'customers_affected': 'Limited number of individuals '
'(exact count not specified)',
'industry': 'Healthcare',
'location': 'Thumb area, Michigan, USA',
'name': 'Aspire Rural Health System',
'type': 'Healthcare Provider'}],
'customer_advisories': {'credit_monitoring_offer': 'For individuals with '
'exposed Social Security '
'numbers',
'eligibility_check': 'Via toll-free line',
'toll_free_line': '833-594-5333 (Mon-Fri, 9 a.m. to 9 '
'p.m.)'},
'data_breach': {'data_exfiltration': 'Likely (files and folders '
'accessed/acquired by unauthorized '
'party)',
'personally_identifiable_information': ['First and last names',
'Dates of birth',
'Social Security '
'numbers',
'Financial account '
'numbers and routing '
'numbers',
'Driver’s license '
'numbers',
'Passport numbers',
'Patient '
'identification '
'numbers',
'Medical record '
'numbers',
'Usernames and '
'passwords',
'Biometric '
'identifiers'],
'sensitivity_of_data': 'High (includes SSNs, medical records, '
'financial data, biometrics, etc.)',
'type_of_data_compromised': ['Personally Identifiable '
'Information (PII)',
'Protected Health Information '
'(PHI)',
'Financial Information',
'Authentication Credentials']},
'date_detected': '2025-01-06',
'date_publicly_disclosed': '2025-07-18',
'description': 'Aspire Rural Health System, serving the Thumb area, reported '
'a data security breach where an unauthorized party accessed '
'its internal network between November 4, 2024, and January 6, '
'2025. The breach involved personally identifiable information '
'(PII) and protected health information (PHI) of a limited '
'number of individuals. Aspire detected the incident, '
'contained it, and engaged cybersecurity professionals to '
'investigate. No evidence of financial fraud or identity theft '
'has been found to date. Affected individuals were notified '
'via mail on August 20, 2025, and offered complimentary credit '
'monitoring services if their Social Security numbers were '
'involved. The Epic Electronic Medical Record (EMR) system was '
'not impacted.',
'impact': {'brand_reputation_impact': 'Potential (due to public disclosure '
'and notification)',
'data_compromised': True,
'identity_theft_risk': 'Low (no evidence of fraud or identity '
'theft reported)',
'payment_information_risk': 'Moderate (payment card numbers, '
'expiration dates, and PINs exposed)',
'systems_affected': ['Internal Network',
'Files and Folders (containing PII/PHI)']},
'initial_access_broker': {'high_value_targets': ['PII',
'PHI',
'Financial Data'],
'reconnaissance_period': 'Potential (between '
'November 4, 2024, and '
'January 6, 2025)'},
'investigation_status': 'Ongoing (as of July 18, 2025 disclosure)',
'references': [{'source': 'Aspire Rural Health System Website Posting'},
{'date_accessed': '2025-08-20',
'source': 'Aspire Rural Health System Notification Letters'}],
'regulatory_compliance': {'regulations_violated': ['HIPAA (likely, due to PHI '
'exposure)']},
'response': {'communication_strategy': {'credit_monitoring': 'Complimentary '
'services for '
'individuals '
'with exposed '
'Social Security '
'numbers',
'customer_support': 'Dedicated '
'toll-free '
'response line '
'(833-594-5333, '
'available '
'Mon-Fri 9 a.m. '
'to 9 p.m.)',
'public_disclosure': 'Website posting '
'and direct mail '
'notifications '
'(sent August '
'20, 2025)'},
'containment_measures': 'Network access restricted; '
'investigation launched',
'incident_response_plan_activated': True,
'remediation_measures': 'Engaged outside cybersecurity '
'professionals to secure the environment',
'third_party_assistance': True},
'stakeholder_advisories': 'Written notification letters mailed to affected '
'individuals (August 20, 2025)',
'threat_actor': 'Unauthorized Party',
'title': 'Aspire Rural Health System Data Security Breach',
'type': ['Data Breach', 'Unauthorized Access']}