Healthcare group reports data breach

Heart South Cardiovascular Group says a cybersecurity incident may have exposed patient data tied to 46,666 people, and some of that information appeared on the dark web. (heartsouthpc.com) The Alabama cardiology practice said it learned on or about November 11, 2025 that an unauthorized party claimed to possess Heart South data. The company filed the incident with the Maine Attorney General on April 6, 2026. (heartsouthpc.com) (maine.gov) Heart South said a forensic investigation with outside cybersecurity specialists did not find evidence of unauthorized access to its network or data theft. It said it later found that a “limited amount” of Heart South data had been posted on the dark web. (heartsouthpc.com) The company said it is notifying all patients whose protected health information was stored in the network locations where the posted data resided. Heart South said it could not confirm whether any specific person’s information was affected. (heartsouthpc.com) For affected people, the data could include full names combined with Social Security numbers, dates of birth, treatments, procedures, diagnoses, medications, and health insurance information, if those details existed in Heart South’s records. Heart South said it identified potentially affected individuals on February 12, 2026. (heartsouthpc.com) Medical records can be more useful to criminals than a single credit card number because they can contain identity details and health information in one file. The United States Department of Health and Human Services says healthcare breaches can involve protected health information such as diagnoses, treatment details, and insurance data. (hhs.gov) Heart South said it began notifying impacted individuals in April 2026 and offered complimentary credit monitoring to people for whom it had valid mailing addresses. The notice also urged patients to place fraud alerts or security freezes on their credit files and watch account statements and credit reports for suspicious activity. (heartsouthpc.com) Heart South describes itself as a heart and vascular care provider serving Central Alabama, with offices in Alabaster, Clanton, and Centreville. That means the breach notice reaches patients of a regional specialty practice, not a national hospital chain. (heartsouthpc.com) (zocdoc.com) The company said it has no evidence that personal information has been or will be used for identity theft as a direct result of the incident. For patients who received letters this month, the next step is the same one Heart South opened with: assume exposure is possible and secure financial and medical identity records now. (heartsouthpc.com)