Tennessee-based Artemis Healthcare has experienced a ransomware attack involving data theft, and email account breaches have been announced by Greater St. Louis Oral & Maxillofacial Surgery in Missouri and St. John’s Riverside Hospital in New York.
Artemis Healthcare, Tennessee
Artemis Healthcare in Nashville, Tennessee, has recently announced a data security incident that was identified on May 31, 2025. According to the notification sent to the Vermont Attorney General, Artemis Healthcare confirmed that it was the target of a ransomware group, which accessed its network from May 5, 2025, to May 31, 2025.
The investigation confirmed on September 12, 2025, that the ransomware group accessed personally identifiable and protected health information, including names, addresses, dates of birth, Social Security numbers, and health information. The Crypto24 ransomware group took responsibility for the attack and claimed on its dark web data leak site to have exfiltrated 1 terabyte of data, including image files for millions of patients. The stolen data has been leaked, indicating the ransom was not paid.
Artemis Healthcare said it has updated its security policies and procedures and provided additional training to its workforce to prevent similar incidents in the future. While regulators have been informed, the data breach is not yet shown on the HHS’ Office for Civil Rights website, so it is currently unclear how many individuals have been affected.
Greater St. Louis Oral & Maxillofacial Surgery, Missouri
Greater St. Louis Oral & Maxillofacial Surgery in Missouri has announced a recent data breach involving unauthorized access to an employee’s email account. The email account breach was detected in October 2025, and the investigation confirmed that an unauthorized third party accessed the account after the employee responded to a phishing email and disclosed their credentials. When suspicious activity was identified in the account, the account password was promptly reset, session tokens were revoked, and multifactor authentication was reset. Third-party cybersecurity experts were engaged to investigate the incident and confirm the security of the email environment…