Australian medical manufacturer Compumedics this week confirmed it notified at least 320,404 people of a March 2025 data breach that compromised the following patient info:
- Names
- Social Security numbers
- Health insurance info
- Dates of birth
- Demographic info
- Medical record numbers
- Treatments and diagnoses
- Dates of treatment
- Provider names
- Sleep study details and results
Compumedics says the attack infected both its Australian and US systems. The attack had a downstream impact on several hospitals and clinics, many of which are issuing their own data breach notices to patients:
- Hope Healthcare (FL, VA)
- Bronson Healthcare Group (MI)
- Chest Medicine Associates (PA, ME)
- Billings Clinic (MT, WY, ND, SD)
- Davis Medical Center (WV)
- Northern Light AR Gould (ME)
- Northern Light Eastern Maine Medical Center (ME)
- Northern Light Sebasticook Valley Hospital (ME)
- VCU Health System Authority (VA)
- Vitalcare Family Practice (VA)
- Erlanger (TN, NC)
- Adelaide’s Women’s and Children’s Hospital (Australia)
- Bermuda Sleep & Signature Services (Bermuda)
Ransomware group Van Helsing on March 26, 2025 took credit for the attack on Compumedics and its subsidiary, NeuroMedical Supplies.

Compumedics has not verified Van Helsing’s claim. We do not yet know if Compumedics paid a ransom, how much Van Helsing demanded, or how attackers breached Compumedics’ network. Comparitech contacted Compumedics for comment and will update this article if it responds.
“After initially identifying the incident on March 22, 2025, we immediately took steps to secure our systems and contain the incident,” says Compumedics’ notice to victims. “The investigation determined that an unauthorized party accessed certain Compumedics systems between February 15, 2025, and March 23, 2025, and reviewed or copied some files.”
Compumedics is offering eligible victims free credit monitoring.
Who is Van Helsing?
Van Helsing is a new ransomware group, and Compumedics is its first confirmed attack target. It both steals data and encrypts target systems, forcing organizations to pay both to restore their systems and to have the stolen data deleted.
The group has claimed responsibility for seven other unconfirmed attacks that haven’t been publicly acknowledged by the targeted organizations. Four of those were US companies, and the attacks span targets in government, healthcare, tech, manufacturing, law, and construction.
Ransomware attacks on healthcare
Comparitech researchers have logged 17 confirmed ransomware attacks on businesses in the healthcare sector (not direct care providers like hospitals and clinics), compromising more than 6 million records.
Other recent such attacks include:
- Episource (USA) notified 5.4 million people of a January 2025 breach by unknown ransomware
- Ocuco Limited (Ireland) notified 240,961 people of an April 2025 data breach claimed by KillSec
Another 67 unconfirmed ransomware attacks on US healthcare have been claimed by ransomware groups but not acknowledged by the targeted organizations.
Healthcare companies, such as software developers and device manufacturers, tend to store a lot of patient data from multiple clinics and hospitals, which makes them attractive targets for ransomware gangs. In 2024, we recorded 51 such attacks compromising more than 205 million records. 190 million of those stemmed from an attack on Change Healthcare.
About Compumedics
Compumedics is an Australian company that makes medical tools to monitor sleep issues, brain activity, and blood flow. It employs about 135 people, according to external sources.