DataBreach Logo
HomeNewsBreachesAbout
Account
HomeNewsBreachesAbout
Account
heywood_org

Heywood Hospital Breach

Nov 9, 2025

92,683 rows

Added on Dec 28, 2025
Data Found in the Breach
Social Security Number
Email
Phone Number
Name

Search the Leak

Email
Phone Number

What happened in the Heywood Hospital Breach?

DataBreach.com Team · December 27th 2025, 7:00 pm EST

Executive Summary

In October 2025, Heywood Hospital (serving North Central Massachusetts) declared a "Code Black" following a severe cyberattack that forced them to divert ambulances and take critical systems offline. While the hospital initially described it broadly as a "cybersecurity incident," the Sinobi ransomware gang later claimed responsibility, boasting the theft of 550GB of data.

DataBreach.com Parse Results

Our team has analyzed the leaked files and identified the following unique identifiers, confirming the severity of the identity theft risk:

  • Social Security Numbers: 92,700 (Unique)
  • Phone Numbers: 55,800 (Unique)
  • Email Addresses: 25,100 (Unique)

What Happened?

  • The Attack: On October 12, 2025, Heywood and Athol Hospitals suffered a network outage that disrupted radiology, lab services, and email.
  • The Extortion: By November 2025, the Sinobi group listed Heywood on their leak site, threatening to publish 550GB of data if a ransom was not paid.
  • The Exposure: The high count of SSNs (nearly 4x the number of emails) suggests this dataset includes not just digital portal users, but potentially legacy patient records and maybe hospital staff/employment files that predate modern digital registration.
Recent News
Ho-ly G*t: TeamPCP Claims Theft of Thousands of GitHub Internal Repositories
Ho-ly G*t: TeamPCP Claims Theft of Thousands of GitHub Internal Repositories
a month ago
17M Nissan cars impacted by large ransomware attack
17M Nissan cars impacted by large ransomware attack
2 months ago
Iranian hackers just used Stryker’s own security tools to delete itself
Iranian hackers just used Stryker’s own security tools to delete itself
3 months ago
Massive Odido cyberattack leaks customer IBANs and government IDs
Massive Odido cyberattack leaks customer IBANs and government IDs
3 months ago
Figure breach proves blockchain cannot save us from human error
Figure breach proves blockchain cannot save us from human error
4 months ago
Substack notifies users of data breach affecting nearly 700,000 accounts
Substack notifies users of data breach affecting nearly 700,000 accounts
4 months ago
UPenn claims "Under 10" victims in 1.2M breach involving donors like Trump and Musk
UPenn claims "Under 10" victims in 1.2M breach involving donors like Trump and Musk
5 months ago
How 0apt is Using Random Noise to Fake a Ransomware Empire
How 0apt is Using Random Noise to Fake a Ransomware Empire
5 months ago
Hackers Are Now Using Global-e Data to Target Ledger Owners at Their Home Addresses
Hackers Are Now Using Global-e Data to Target Ledger Owners at Their Home Addresses
5 months ago
Meta Denies Instagram Breach After Password Reset Panic
Meta Denies Instagram Breach After Password Reset Panic
5 months ago
Why the 2.3 Million Wired Record Breach Is a Nightmare for Condé Nast
Why the 2.3 Million Wired Record Breach Is a Nightmare for Condé Nast
6 months ago
For media inquiries, contact us at contact@databreach.com
Terms of UsePrivacy PolicyOpt-Out