Almost one year after discovery, Sandhills Medical Foundation notifies 169,017 people affected by a cyberattackThis was an attack by INC Ransom, who dumped the data in June 2025. INC didn't tag it as an encryption invcident -- just as hack, exfil, ransom demand. So I'm not sure why it took Sandhills about a year to make notifications https://databreaches.net/2026/04/29/almost-one-year-after-discovery-sandhills-medical-foundation-notifies-169017-people-affected-by-a-cyberattack/#databreach #HIPAA #incidentresponse #INCransom #healthsec
