March 1, 2026: Small Healthcare Data Breach HIPAA Reporting Deadline – The HIPAA Journal
Healthcare data breaches discovered in calendar year 2025 that affected fewer than 500 individuals must be reported to the HHS’ Office for Civil Rights by March 1, 2026.
The HIPAA Breach Notification Rule requires data breaches affecting 500 or more individuals to be reported to OCR within 60 days of the discovery of a data breach. Individuals must also be notified within 60 days, and a notice must be submitted to prominent media outlets where the affected individuals are located if 500 or more individuals are affected in a state or jurisdiction.
The breach notification requirements for small breaches are different. The affected individuals must still be notified within 60 days of the discovery of a data breach; however, a media notice is not required. OCR must still be notified about small healthcare data breaches, but HIPAA-regulated entities can delay submitting notifications to OCR. All small healthcare data breaches must be reported to OCR within 60 days of the end of the calendar year when the breach was discovered.
Each small data breach must be reported separately via the OCR data breach portal. HIPAA-regulated entities should not leave uploading data breach reports until the last minute, in case of any technical issues with the data breach portal. Late reporting of breaches puts HIPAA-regulated entities at risk of a financial penalty, and OCR could opt to conduct a compliance investigation to determine if there is broader noncompliance with the HIPAA Rules.
Financial penalties for breach notification failures have been relatively rare since the HIPAA Enforcement Rule was enacted; however, in 2025, noncompliance with the HIPAA Breach Notification Rule was the second most common reason for a financial penalty after risk analysis failures. Last year, OCR closed 21 HIPAA cases with settlements or civil monetary penalties, 5 of which included penalties for breach notification failures.
Academic Urology & Urogynecology of Arizona Data Breach Affects 73K Patients – The HIPAA Journal
Academic Urology & Urogynecology of Arizona, a division of Palo Verde Hematology and Oncology that serves patients throughout Arizona, has announced a significant data breach, potentially affecting 73,281 current and former patients.
Unauthorized access to its computer network was detected on or around May 22, 2025. Steps were taken to secure its network to prevent further unauthorized access, and third-party cybersecurity experts were engaged to conduct a forensic investigation. On January 30, 2026, it was confirmed that there had been unauthorized access to its network between May 18, 2025, and May 22, 2025, during which time files containing patient data may have been viewed or acquired.
The data involved varies from individual to individual and may include some or all of the following: full names, dates of birth, Social Security numbers, account numbers, account types, routing numbers, medical record numbers, mental or physical conditions, diagnoses/diagnosis codes, treatment locations, procedure types, provider names, dates of service, other medical benefits/entitlements, prescription information, health insurance group numbers, health insurance claim numbers, subscriber member numbers, patient account numbers and patient identification numbers.
Notification letters were mailed to the affected individuals on or around February 12, 2026. At the time of issuing notifications, no evidence had been found to indicate misuse of patient data. As a precaution, the affected individuals have been offered complimentary credit monitoring and identity theft protection services.
Livingston HealthCare, Montana
Livingston HealthCare in Livingston, Montana, has warned patients about a recent cybersecurity incident that may have resulted in unauthorized access to patient data. Livingston HealthCare, which operates a critical access hospital serving the greater Park County area, announced on February 13, 2026, that it was experiencing disruption to its phone systems and network due to a suspected cybersecurity incident.
Certain systems were taken offline while the incident was assessed. Livingston HealthCare is working to restore the affected systems and will bring them back online when it is safe to do so. The phone system has been restored, and while network services are still limited, care continues to be provided to patients without interruption. At this stage of the investigation, it is not possible to determine the extent to which patient data has been compromised. Livingston HealthCare said it will continue to provide updates on the incident, recovery, and any data breach via its website.
Livingston HealthCare said it has learned of advertisements and communications suggesting patients could be entitled to compensation as a result of the incident. Patients have been warned not to disclose any sensitive information, such as Social Security numbers, banking information, or other confidential details, unless they are certain of the recipient’s identity and legitimacy.
Managed Care Advisors / Sedgwick Notify Patients of Ransomware Attack – The HIPAA Journal
Managed Care Advisors and Sedgwick Government Solutions recently announced a cybersecurity incident involving unauthorized access to a corporate Secure File Transfer Protocol (SFTP) server that contained personal and protected health information. Files on the server were encrypted with ransomware.
Sedgwick Government Solutions, which acquired Managed Care Advisors in 2021, is a Bethesda, MD-based federal government contractor that provides workers’ compensation and managed care solutions. Sedgwick is also the manager of the Nationwide Provider Network for the World Trade Center Health Program.
Data breach notices often fail to disclose the exact nature of hacking incidents, which makes it difficult for victims to accurately gauge the level of risk they face. Sedgwick bucked that trend, opting for transparency about the data breach. Sedgwick explained that the incident was detected on December 4, 2025, and it immediately implemented its incident response processes. All connections to the SFTP server were disabled to prevent further unauthorized access, and the encrypted data was restored from a secure system backup the following day.
A leading cybersecurity firm, Mandiant, was engaged to assist with the investigation and forensic analysis. The investigation confirmed that an unauthorized third party first accessed the server on November 16, 2025, by exploiting a vulnerability in the SFTP application. Access was only gained to a single server. No other systems were compromised.
The investigation confirmed on January 15, 2026, that the compromised server contained first and last names, addresses, Social Security numbers, dates of birth, and protected health information. The types of data varied from individual to individual. Sedgwick said that on January 2, 2026, a threat group identifying itself as TridentLocker claimed responsibility for the incident and published approximately 3.4 GB of data on a dark web data leak site.
Since stolen data has been published, the affected individuals should ensure that they sign up for the complimentary credit monitoring and identity theft protection services being offered. Those services include an identity theft insurance policy. Sedgwick said it had implemented cybersecurity measures prior to the incident to protect its systems and data, and has taken further steps to enhance privacy protections. The data breach is not yet shown on the HHS’ Office for Civil Rights breach portal, so it is currently unclear how many individuals have been affected.