Pulse Urgent Care Center in Redding, California is notifying an undisclosed number of patients about a March 2025 data breach, according to a disclosure published by the California attorney general. The breach compromised the following personal info:
- Names
- Social Security numbers
- Driver’s license numbers
- Medical info
- Health insurance info
A ransomware gang called Medusa took credit for the attack. To prove its claim, the cybercriminal group posted images of what it says are documents stolen from Pulse Urgent Care Center. Medusa demanded $120,000 in ransom for the data.
Pulse Urgent Care Center has not verified Medusa’s claim. We do not know if Pulse paid a ransom or how attackers breached the clinic’s network. Comparitech contacted Pulse Urgent Care for comment and will update this article if it replies.
“On March 24, 2025, we became aware of a suspicious activity within our network which we promptly contained,” says Pulse’s notice (PDF) to victims. “On May 1, 2025, we received additional information that led us to believe some patient information may have been accessed during the event.”
Pulse is offering eligible victims 12 months of free credit monitoring and identity theft protection via TransUnion. The deadline to enroll is 90 days from the date on the notice letter. The copy posted by the California AG is dated December 26, 2025.
Who is Medusa?
Medusa first appeared in September 2019 and debuted its leak site in February 2023, where it publishes stolen data of victims who don’t pay ransoms. Medusa both locks down computer systems and steals data, forcing infected organizations to pay a ransom to restore systems and to not publish stolen data. The gang operates a ransomware-as-a-service scheme in which customers pay to use Medusa’s malware and infrastructure to launch attacks and collect ransoms.
In 2025, Medusa took credit for 153 ransomware attacks, 31 of which were confirmed by the targeted entities. Those confirmed attacks compromised more than 1.6 million records. Medusa’s average ransom demand is $563,000.
11 of Medusa’s confirmed attacks hit hospitals, clinics, and other direct care providers. The largest of these was an attack on SimonMed Imaging in January 2025, which compromised nearly 1.3 million records.
Ransomware attacks on US healthcare
Comparitech researchers logged 92 confirmed ransomware attacks on US hospitals, clinics, and other direct care providers in 2025. Those attacks compromised more than 8.8 million records.
Other such recent attacks include:
- Richmond Behavioral Health Authority notified 113,232 people of a September 2025 data breach claimed by Qilin
- Covenant Health notified 478,188 people of a May 2025 data breach claimed by Qilin
- Brevard Skin and Cancer Center notified 55,500 people of a September 2025 data breach claimed by PEAR
Ransomware attacks on US hospitals, clinics, and other care providers can steal data and lock down infected computer systems. They can cripple critical systems and endanger the health, privacy, and security of patients. Infected hospitals and clinics must pay a ransom or face extended downtime, data loss, and putting patients and staff at increased risk. Hospitals and clinics might resort to pen and paper, cancel appointments, and divert patients elsewhere until systems are restored.
About Pulse Urgent Care Center
Docs Medical Group, which does business as Pulse Medical Center, consists of two locations in Redding and Red Bluff, California. It was founded in 2010 and opened its Red Bluff location in 2023.
