North Oaks Health System

On June 4, 2025, North Oaks Health System detected unauthorized access to certain employee email accounts, exposing sensitive data between May 28 and June 5, 2025. The breach compromised the personal and protected health information (PHI) of 6,243 individuals, including names, addresses, dates of birth, Social Security numbers, health insurance details, and medical records. The incident was reported to the U.S. Department of Health and Human Services (HHS) on September 2, 2025, and affected patients were notified via mail. The breach originated from a phishing or email account takeover attack, leading to the exposure of highly sensitive patient data. North Oaks secured its systems, involved law enforcement, and established a dedicated call center for victim support. The compromised data poses significant risks of identity theft, financial fraud, and medical record misuse, with long-term reputational and operational consequences for the healthcare provider.

Source: https://www.claimdepot.com/data-breach/north-oaks-health-system-2025

TPRM report: https://www.rankiteo.com/company/north-oak-regional-center

"id": "nor0563605091025",
"linkid": "north-oak-regional-center",
"type": "Breach",
"date": "5/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"

{'affected_entities': [{'customers_affected': '6,243 individuals',
                        'industry': 'Healthcare',
                        'location': 'United States',
                        'name': 'North Oaks Health System',
                        'type': 'Healthcare Provider'}],
 'attack_vector': 'Email Account Compromise',
 'customer_advisories': ['Review notices from North Oaks Health System',
                         'Monitor for identity theft',
                         'Avoid sharing personal information in response to '
                         'unsolicited contacts'],
 'data_breach': {'data_exfiltration': True,
                 'file_types_exposed': ['Emails', 'Attachments'],
                 'number_of_records_exposed': '6,243',
                 'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High (includes SSNs, medical records, '
                                        'and health insurance details)',
                 'type_of_data_compromised': ['Personal Information (PII)',
                                              'Protected Health Information '
                                              '(PHI)']},
 'date_detected': '2025-06-04',
 'date_publicly_disclosed': '2025-09-02',
 'description': 'On June 4, 2025, North Oaks Health System discovered '
                'suspicious activity within certain employee email accounts. '
                'An investigation revealed that an unauthorized actor gained '
                'access to some emails and attachments between May 28 and June '
                '5, 2025. The breach compromised personal and protected health '
                'information of at least 6,243 individuals, including names, '
                'addresses, dates of birth, Social Security numbers, health '
                'insurance information, and medical records.',
 'impact': {'brand_reputation_impact': 'Potential reputational damage due to '
                                       'exposure of sensitive health data',
            'data_compromised': ['Names',
                                 'Addresses',
                                 'Dates of Birth',
                                 'Social Security Numbers',
                                 'Health Insurance Information',
                                 'Medical Records'],
            'identity_theft_risk': 'High (due to exposure of SSNs and PII)',
            'systems_affected': ['Employee Email Accounts']},
 'initial_access_broker': {'entry_point': 'Employee Email Accounts',
                           'high_value_targets': ['Patient PHI/PII'],
                           'reconnaissance_period': 'Between May 28 and June '
                                                    '5, 2025'},
 'investigation_status': 'Disclosed; ongoing notifications to affected '
                         'individuals',
 'recommendations': ['Monitor financial accounts and credit reports for signs '
                     'of identity theft',
                     'Consider placing fraud alerts or credit freezes with '
                     'major credit bureaus',
                     'Be cautious of unsolicited emails or phone calls '
                     'requesting personal information'],
 'references': [{'source': 'North Oaks Health System - Notice of Cybersecurity '
                           'Incident'}],
 'regulatory_compliance': {'regulations_violated': ['HIPAA (likely, due to PHI '
                                                    'exposure)'],
                           'regulatory_notifications': ['U.S. Department of '
                                                        'Health and Human '
                                                        'Services (HHS)']},
 'response': {'communication_strategy': ['Notice of Cybersecurity Incident '
                                         'published on website',
                                         'Mail notifications to impacted '
                                         'patients',
                                         'Public disclosure to U.S. Department '
                                         'of Health and Human Services'],
              'containment_measures': ['Secured compromised email accounts'],
              'incident_response_plan_activated': True,
              'law_enforcement_notified': True,
              'recovery_measures': ['Dedicated call center for affected '
                                    'individuals (866-559-4681)']},
 'stakeholder_advisories': ['Dedicated call center for patient inquiries'],
 'threat_actor': 'Unauthorized Actor',
 'title': 'North Oaks Health System Data Breach (2025)',
 'type': 'Data Breach'}