A cybercriminal group called Blackwater over the weekend took credit for an April 2026 cybersecurity incident at Minidoka Memorial Hospital in Rupert, Idaho.
The hospital on Easter weekend said the incident disrupted various hospital services including medical imaging.
Blackwater on April 17, 2026 claimed responsibility for the attack on its data leak website, where the group says it stole 577 GB of data from the hospital. Blackwater demanded the hospital pay an undisclosed amount in ransom within one week.
Minidoka Memorial Hospital has not acknowledged Blackwater’s claim and Comparitech cannot independently verify it. We do not know what data was compromised, if the hospital did or will pay a ransom, how much Blackwater demanded, or how attackers breached the hospital’s network. Comparitech contacted Minidoka Memorial Hospital for comment and will update this article if it replies.
“Minidoka Memorial Hospital experienced a cyber incident on Easter morning that temporarily impacted certain systems within our organization,” the hospital announced in an April 17 Facebook post.
“Certain emergency patients were transferred due to limited imaging services, but our Emergency Department and hospital will have full access to imaging services by midnight on April 19th.”
Who is Blackwater?
Blackwater is a new ransomware group that has taken credit for three attacks since it first surfaced in March 2026. Its ransomware appears to both lock down target systems and steal data. It then demands a ransom in exchange for deleting stolen data and restoring infected systems.
Although new, the attack on Minidoka Memorial Hospital wasn’t the group’s first on a hospital. Blackwater says it hacked Medical Park Hospitals Group in Turkey on April 12, 2026, though the hospitals denied being breached.
Ransomware attacks on US healthcare
In 2026 to date, Comparitech researchers have logged nine confirmed ransomware attacks on US hospitals, clinics, and other healthcare providers.
Earlier this month, Signature Healthcare reported a data breach that caused widespread disruption at Brockton Hospital in Massachusetts. A ransomware group called Anubis took credit and said it stole 2 TB of data.
Aroostook Mental Health Services in Maine and Elmwood Healthcare in Rhode Island have both started notifying patients about data breaches that took place earlier this year. Qilin claimed the former in March, and LockBit claimed the latter in January.
We’re monitoring another 82 unconfirmed ransomware attack claims on US healthcare made in 2026.
About Minidoka Memorial Hospital
Minidoka Memorial Hospital is a publicly-owned general hospital in Rupert, Idaho. It operates Minidoka County’s only hospital and nursing home. It employs more than 250 people, according to its website.
