Southwest Care Center Hit by MEDUSA Ransomware Attack, Exposing Sensitive Patient Data
On June 3, 2025, Southwest Care Center, a nonprofit healthcare provider in New Mexico, detected a cybersecurity incident that prompted an immediate response. The organization engaged third-party forensic experts to secure its systems and assess the scope of unauthorized access.
By June 27, 2025, the MEDUSA ransomware group claimed responsibility, posting on the dark web that it had exfiltrated 143.9 GB of data from the organization. The group threatened to publish the stolen information within 11 to 12 days unless demands were met.
An investigation concluded on December 18, 2025, revealing that the breach may have exposed sensitive personal and protected health information (PHI), including names and other personally identifiable data. Southwest Care Center published a notice of the incident on its website and began notifying affected individuals.
In response, the organization is offering 12 months of complimentary credit monitoring and identity theft protection services to those impacted. A dedicated call center has been established for further inquiries. The incident underscores the ongoing threat ransomware groups pose to healthcare providers and the potential risks to patient privacy.
Source: https://www.claimdepot.com/data-breach/southwest-care-center-2026
Southwest Care Center (SCC) cybersecurity rating report: https://www.rankiteo.com/company/southwest-care-center
{
  "id": "SOU1772052995",
  "linkid": "southwest-care-center",
  "type": "Ransomware",
  "date": "6/2025",
  "severity": "100",
  "impact": "5",
  "explanation": "Attack threatening the organization's existence"
}
{'affected_entities': [{'industry': 'Healthcare',
'location': 'New Mexico, USA',
'name': 'Southwest Care Center',
'type': 'Nonprofit healthcare provider'}],
'customer_advisories': 'Dedicated call center established for inquiries',
'data_breach': {'data_exfiltration': 'Yes',
'personally_identifiable_information': 'Names and other PII',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personal and protected health '
'information (PHI)',
'Personally identifiable '
'information (PII)']},
'date_detected': '2025-06-03',
'date_publicly_disclosed': '2025-12-18',
'impact': {'data_compromised': '143.9 GB of data',
'identity_theft_risk': 'High'},
'investigation_status': 'Concluded',
'motivation': 'Financial gain',
'ransomware': {'data_exfiltration': 'Yes',
'ransom_demanded': 'Yes (amount not specified)',
'ransomware_strain': 'MEDUSA'},
'recommendations': 'Offering 12 months of complimentary credit monitoring and '
'identity theft protection services to affected '
'individuals',
'references': [{'source': 'Southwest Care Center website'}],
'regulatory_compliance': {'regulations_violated': ['HIPAA (potential)']},
'response': {'communication_strategy': 'Notice published on website, affected '
'individuals notified',
'containment_measures': 'Systems secured',
'incident_response_plan_activated': 'Yes',
'third_party_assistance': 'Forensic experts engaged'},
'threat_actor': 'MEDUSA ransomware group',
'title': 'Southwest Care Center Hit by MEDUSA Ransomware Attack, Exposing '
'Sensitive Patient Data',
'type': 'Ransomware'}