Atlantic Brain and Spine Discloses Data Breach Impacting Patient Information
Atlantic Brain and Spine, a neurosurgical practice based in Wilmington, North Carolina, announced a data breach on March 27, 2026, after detecting unusual network activity on January 26, 2026. The incident involved unauthorized access to sensitive patient data, though the full scope remains under investigation.
The breach potentially exposed personally identifiable information (PII), including names, addresses, email addresses, phone numbers, dates of birth, Social Security numbers, and financial account details. Additionally, protected health information (PHI) such as treatment records, diagnosis details, prescription data, medical record numbers, insurance information, and billing claims may have been compromised.
Atlantic Brain and Spine is still reviewing the affected data and has not confirmed the total number of impacted individuals. The practice has provided contact information for affected parties seeking further details, including a dedicated phone line, email, and mailing address.
The incident underscores the ongoing risks to healthcare data security, particularly for organizations handling highly sensitive medical and financial records.
Source: https://www.claimdepot.com/data-breach/atlantic-brain-and-spine-2026
Atlantic Brain and Spine cybersecurity rating report: https://www.rankiteo.com/company/atlantic-brain-and-spine
"id": "ATL1774910495",
"linkid": "atlantic-brain-and-spine",
"type": "Breach",
"date": "1/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Healthcare',
'location': 'Wilmington, North Carolina',
'name': 'Atlantic Brain and Spine',
'type': 'Healthcare Provider'}],
'customer_advisories': 'Contact information provided for affected parties',
'data_breach': {'personally_identifiable_information': ['Names',
'Addresses',
'Email addresses',
'Phone numbers',
'Dates of birth',
'Social Security '
'numbers',
'Financial account '
'details',
'Treatment records',
'Diagnosis details',
'Prescription data',
'Medical record '
'numbers',
'Insurance '
'information',
'Billing claims'],
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personally identifiable '
'information (PII)',
'Protected health information '
'(PHI)']},
'date_detected': '2026-01-26',
'date_publicly_disclosed': '2026-03-27',
'description': 'Atlantic Brain and Spine, a neurosurgical practice based in '
'Wilmington, North Carolina, announced a data breach after '
'detecting unusual network activity. The incident involved '
'unauthorized access to sensitive patient data, including '
'personally identifiable information (PII) and protected '
'health information (PHI).',
'impact': {'data_compromised': 'Personally identifiable information (PII) and '
'protected health information (PHI)',
'identity_theft_risk': 'High',
'payment_information_risk': 'High'},
'investigation_status': 'Ongoing',
'references': [{'source': 'Cyber Incident Description'}],
'response': {'communication_strategy': 'Dedicated phone line, email, and '
'mailing address for affected parties'},
'title': 'Atlantic Brain and Spine Data Breach',
'type': 'Data Breach'}