Yesterday, the Hospital Caribbean Medical Center in Puerto Rico added a figure of 92,000 to the breach portal of the U.S. Department of Health and Human Services Office for Civil Rights. This follows a cyber attack in February 2026, which was claimed by ransomware group The Gentlemen.
In early March, the hospital confirmed it had successfully contained a cyber attack that had impacted part of its information systems. The notification (translated) stated:
“The situation was identified by the hospital’s monitoring systems, which allowed for the timely implementation of containment and isolation measures, with the support of external cybersecurity experts. Currently, the hospital network is operating normally.
As part of the standard procedure for these types of events, a technical analysis is being conducted to validate the scope of the incident. The hospital notified the relevant authorities and is actively collaborating with the specialists supporting the assessment.”
On February 17, 2026, ransomware group The Gentlemen posted the hosptial to its data leak site, giving it around 10 days to meet its ransom demands before the data would be leaked.
The Hospital Caribbean Medical Center hasn’t confirmed The Gentlemen’s claims, whether or not a ransom has been demanded/paid, or how hackers infiltrated its systems. Comparitech contacted the hospital for more information and will update this article if we receive a response.
Who is The Gentlemen?
The Gentlemen first started adding victims to its data leak site in September 2025. Since then, it has claimed 328 attacks with 24 of these being confirmed.
This attack on the Hospital Caribbean Medical Center is the fourth confirmed attack on a healthcare provider, with the other three being:
- The Devereux Foundation, US — November 2025
- Unimed Anápolis, Brazil — January 2026
- IntraCare, New Zealand — March 2026
The Gentlemen seeks to encrypt systems and steal data, operating the double-extortion technique we see from most ransomware gangs at present. This attack on the Hospital Caribbean Medical Center highlights how extensive its data breaches can be, while its attack on IntraCare, which caused around 10 days of downtime, demonstrates how disruptive system encryption can be.
So far this year, The Gentlemen has added 254 victims to its site. 22 of these have been confirmed.
Ransomware attacks on healthcare providers
Throughout 2026 to date, we’ve noted 27 confirmed attacks on healthcare providers across the globe and are monitoring a further 122 unconfirmed attacks on this sector.
This breach on the Hospital Caribbean Medical Center is the second-largest ransomware attack (based on records affected) this year so far. The largest was carried out on Nippon Medical School Musashi Kosugi Hospital in Japan where 131,700 people had their data impacted. This followed an attack in February 2026 which was claimed by NetRunner with a massive $100 million ransom demand (unpaid).
Other recently confirmed attacks (all from April 2026) include:
- Signature Healthcare, US — targeted by Anubis, who allegedly stole 2 TB of data. The attack caused mass disruption to its healthcare services for nearly 10 days.
- Bendigo & District Aboriginal Co-operative, Australia — targeted by INC. Community services weren’t widely affected by the attack but the co-operative was working to identify those involved in the subsequent breach.
- Minidoka Memorial Hospital, US — yesterday, new ransomware group Blackwater claimed this Easter weekend attack on the Idaho hospital. It alleges to have stolen 577 GB of data. The incident disrupted various hospital services, including medical imaging.
About the Hospital Caribbean Medical Center
The Caribbean Medical Center is located in Fajardo, Puerto Rico, and operates 45 beds, four of which are in intensive care.
