Healthcare Compliance Training and Certification

HIPAA News

600,000 North Country HealthCare Patients’ Data Stolen by the Stormous Ransomware Group

by | Jul 20, 2025

A ransomware group known as Stormous claims to possess the stolen personal data and protected health information (PHI) of 600,000 North Country HealthCare patients. North Country HealthCare is a federally certified community health center that provides comprehensive healthcare services at 14 locations in northern Arizona.

Since early 2022, this pro-Russia ransomware group has been active in double extortion, data theft, and file encryption. Stormous demands ransom payment from the victim in exchange for the decryption keys and to avoid the exposure of the stolen information on its dark web data leak page. The group has attacked at least 150 companies, usually executing fewer than 10 attacks monthly. However, in May 2025, the group performed over 15 attacks. The group typically targets organizations in industries such as hospitality and tourism, business services, technology, government, and healthcare. The top five target nations of the group are the United States, Spain, France, the United Arab Emirates, and Brazil.

On July 13, 2025, the group’s data leak site listed North Country HealthCare. As per Stormous, it possesses the health data of 600,000 patients, which includes Protected Health Information (PHI), personally identifiable information (PII), clinic information, diagnostic codes (ICD), and provider information. The following information are included in the stolen data: complete name, birth date, gender, contact number, clinic name, visit date/place, health insurance company, ICD code, and an explanation of the diagnosis. The group says that the information of 100,000 patients will be posted for sale, while the information of 500,000 patients will be posted on the leak site accessible to the public.

The group released a statement on July 15, 2025, saying that it had already published the files. North Country HealthCare has not released any statement yet to confirm the dark web listing or the cyberattack or the data breach. However, as an entity with HIPAA certification, it is expected that North Country HealthCare will release a statement on the issue.

Raise the level of HIPAA Awareness in your organization with Learner-Friendly, Comprehensive and Affordable HIPAA Training.

COMPREHENSIVE HIPAA TRAINING

Please enable JavaScript in your browser to complete this form.

Ryan Coyne

Ryan Coyne is a results-driven leader in the healthcare compliance industry, specializing in regulatory compliance, compliance training, and assisting healthcare organizations and business associates in achieving and maintaining compliance. With a deep knowledge of healthcare regulations and a keen understanding of the challenges faced by the industry, Ryan has developed a reputation as a trusted advisor and advocate for ethical and compliant practices in healthcare. Ryan has successfully advised and guided numerous healthcare organizations, business associates, and healthcare professionals on achieving and maintaining compliance with regulatory training requirements. Ryan's professional focus is using his in-depth expertise and leading a world class team of subject matter experts at ComplianceJunction in regulatory compliance to help organisations navigate the complex landscape of ensuring staff adhere to healthcare regulations. You can connect with Ryan via LinkedIn and follow on Twitter

Raise the level of HIPAA Awareness in your organization with Learner-Friendly, Comprehensive and Affordable HIPAA Training.

Comprehensive HIPAA Training

Used in 1000+ Healthcare Organizations and 100+ Universities

    Full Course - Immediate Access

    Privacy Policy