Subscribe To Our Newsletter

This field is for validation purposes and should be left unchanged.
Class Action U Logo
Check Your Eligibility

Sandhills Medical Foundation Data Breach

Sandhills Medical Foundation disclosed a ransomware-related data breach affecting 169,017 people. The breach may have exposed Social Security numbers, driver’s license information, dates of birth, government IDs, passport information, and personal health information.

Check Your Eligibility
Sandhills Medical Foundation
Date of Breach: May 8, 2025
CAU logo

Who was affected:

Clients of Sandhills Medical Foundation

Impacted Data:

Social Security number

Driver’s license information

Date of birth

Government-issued identification

Passport information

Personal health information

Check Your Eligibility

Sandhills Medical Foundation, Inc., doing business as Sandhills Medical, disclosed a ransomware attack that affected 169,017 individuals. The incident may have exposed sensitive patient information, including Social Security numbers, driver’s license information, dates of birth, government IDs, passports, and personal health information.

Sandhills Medical Foundation’s Data Breach Investigation

Sandhills Medical Foundation, Inc. d/b/a Sandhills Medical (“Sandhills”) recently disclosed a cybersecurity incident involving unauthorized access to its systems. According to the company’s notice, Sandhills discovered on May 8, 2025, that it had been the victim of a ransomware attack.

After discovering the incident, Sandhills stated that it regained control of its secured network and began an investigation with cybersecurity experts, law enforcement, and an independent forensic firm. The investigation determined that an unauthorized third party accessed Sandhills’ server directly and obtained personal information for certain patients.

Regulatory information indicates that the breach occurred on May 2, 2025, and was discovered on May 8, 2025. The incident affected 169,017 individuals, including 39 Maine residents. Consumer notifications were sent on April 28, 2026, with an updated mailing on June 2, 2026.

Sandhills reported that the information involved varied by individual and may have included Social Security numbers, driver’s license information, dates of birth, government-issued identification, passport information, and personal health information. This type of information is especially sensitive because it may be used for identity theft, medical identity theft, insurance fraud, financial fraud, or phishing schemes.

Sandhills stated that it has no evidence that personal information was misused. However, because an unauthorized third party obtained patient information, affected individuals should remain vigilant.

In response, Sandhills enhanced network protocols and security partnerships. The organization is also offering 12 months of credit monitoring services through Cyberscout, a TransUnion company, along with proactive fraud assistance.

When Did This Breach Occur?

According to the breach details:

  • Date Breach Occurred: May 2, 2025
  • Date Breach Discovered: May 8, 2025
  • Consumer Notification Dates: April 28, 2026, and updated mailing June 2, 2026
  • Individuals Affected: 169,017
  • Maine Residents Affected: 39
  • Type of Incident: External system breach / ransomware attack

What Information Was Breached?

The information involved varied by individual and may have included:

  • Social Security number
  • Driver’s license information
  • Date of birth
  • Government-issued identification
  • Passport information
  • Personal health information

Affected individuals should review their notice carefully to determine what information may have been involved.

What You Can Do

If you received a notice from Sandhills Medical, consider taking these steps:

  • Enroll in the complimentary credit monitoring services offered through Cyberscout.
  • Review credit reports for suspicious activity.
  • Monitor medical statements and insurance records for unfamiliar services.
  • Place a fraud alert or security freeze with the major credit bureaus.
  • Report suspected identity theft to law enforcement and the Federal Trade Commission.
  • Keep records of any expenses, suspicious activity, or time spent responding to the breach.

You may also wish to learn whether you have legal options after your personal or health information was exposed.

File a Data Breach Lawsuit Against Sandhills Medical Foundation

If you received a data breach notification from Sandhills Medical Foundation, you may have legal rights. Healthcare organizations are expected to protect sensitive patient information from unauthorized access. When ransomware attackers obtain personal and health information, affected individuals may face long-term risks and costs.

A data breach lawsuit may seek compensation for loss of privacy, identity theft risks, medical identity theft concerns, out-of-pocket expenses, and time spent responding to the breach.

Contact us at Class Action U, where we’ll connect you with a lawyer skilled in class action lawsuits. If you’ve been contacted about this breach, received notice, or discovered you were impacted, fill out our quick, easy, and secure form to sign up. There is no cost to reach out to our legal partner and no obligation after speaking with someone from our team.

VIEW PDF
Subscribe To Our Newsletter

New cases and investigations, settlement deadlines, and news straight to your inbox.

This field is for validation purposes and should be left unchanged.
Other Data Breaches
Blantyre Capital Data Breach
Date of Breach: May 2026
Fulcrum Real Estate Services Data Breach
Date of Breach: March 9, 2026
Sandhills Medical Foundation Data Breach
Date of Breach: May 8, 2025
Show More

Frequently Asked Questions

A data breach occurs when sensitive, confidential, or protected information is accessed, stolen, or disclosed without authorization. Data breaches often occur through phishing emails, malware, weak passwords, insider threats, or unsecured databases. Indicators of a data breach can include unexpected password resets, suspicious account activity, unauthorized transactions, or notifications from companies about compromised information.If you suspect your data has been compromised, you must take measures and act quickly. Change passwords, enable two-factor authentication, review your financial accounts for unusual activity and consider freezing your credit.

Once stolen, your personal information may be sold on the dark web or used for identity theft and financial fraud. In some cases, hackers use the data to extort companies or launch further attacks. Victims often face long-term risks, including damage to credit and privacy.

If you receive a data breach notification, don’t ignore it. Immediately change passwords for the affected account and any others that share credentials. Enroll in any free credit monitoring services offered and monitor financial statements closely.

To pursue a data breach claim, you’ll need documentation showing your information was compromised and proof of resulting harm, such as fraudulent charges, credit score damage, or identity theft reports. Notification letters, financial records, and communication with the breached company can help support your claim.

Yes. If a company fails to protect consumer data or delays notifying victims, it may be held liable under state and federal privacy laws. Many victims join class action lawsuits to recover financial losses and hold negligent organizations accountable.

Data breach settlements vary widely depending on the size of the breach, type of data compromised, and damages suffered by victims. Payouts may include cash compensation, identity theft protection, or reimbursement for losses. Many settlements range from a few hundred to several thousand dollars per person. A skilled data breach lawyer can guide victims through the complex legal process, ensuring their rights are protected. If you’ve received a data breach notification or believe your personal data was exposed, you may be eligible for compensation. Contact Class Action U to learn more about how to join a data breach lawsuit and understand the process of filing.