Marin Cancer Care: Carolina Foot & Ankle Associates Notifies Patients About December 2025 Cyberattack

Cyberattacks on Healthcare Providers Highlight HIPAA Compliance Risks and Data Exposure

In December 2025, three healthcare providers (New Age Dermatology, Carolina Foot & Ankle Associates, and Marin Cancer Care) reported cybersecurity incidents involving unauthorized access to patient data.

New Age Dermatology (Massachusetts)

A ransomware attack detected on or around December 20, 2025, targeted an internal server, rendering it inoperable. While the investigation is ongoing, New Age Dermatology confirmed that personal and protected health information (PHI), including names, dates of birth, medical/treatment details, diagnostic images, photographs, and Social Security numbers, was likely compromised. The electronic medical record system remained unbreached. Law enforcement was notified, and affected individuals were offered complimentary credit monitoring and identity theft protection services for 12 months.

Carolina Foot & Ankle Associates (North Carolina)

A cybersecurity incident detected on December 8, 2025, involved unauthorized network access and file exfiltration. Compromised data included names, phone numbers, dates of birth, medical record numbers, health insurance information, diagnostic/CPT codes, and dates of service. Social Security numbers and financial information were unaffected, and the electronic medical record system remained secure.

Marin Cancer Care (California)

An intrusion detected on December 8, 2025, revealed unauthorized access to the practice's network between November 22 and December 6, 2025. Files containing patient names, medical information, and health insurance details were likely viewed or acquired. Immediate security enhancements were implemented, and affected individuals were offered credit monitoring and identity theft protection services. The breach was reported to the HHS’ Office for Civil Rights with an initial estimate of at least 501 affected individuals.

HIPAA Compliance and Security Gaps

The incidents underscore persistent vulnerabilities in healthcare cybersecurity, including:

  • Phishing and email-based attacks as primary entry points.
  • Insufficient workforce training on identifying malicious software and reporting threats.
  • Delayed breach notifications, increasing risks of identity theft and fraud.
  • Inadequate access controls, including shared login credentials and improperly configured audit logs.
  • Gaps in business associate oversight, where third-party vendors may introduce compliance risks.

HIPAA regulations require ongoing security awareness training, documented risk analyses, and timely breach reporting to mitigate such incidents. The attacks also highlight the need for automated logoff capabilities, data backup plans, and disaster recovery protocols to protect PHI integrity.

Source: https://www.hipaajournal.com/carolina-foot-ankle-associates-new-age-dermatology-marin-cancer-care-breach/

Marin Cancer Care cybersecurity rating report: https://www.rankiteo.com/company/marin-cancer-care
