A cybercriminal group called Anubis today claimed responsibility for a data breach at Singing River Health System in Jackson County, MS. Singing River last month notified 53,888 people of a December 2025 data breach that compromised the following patient info:
- Names
- Social Security numbers
- Bank account info
- Medical info
- Health insurance info
- Provider names
- Internal patient ID numbers
- Dates of service
- Treatment and diagnostic info
On its data leak site, Anubis claims to have stolen 293 GB of data from SRHS, or more than 1.2 million files. To prove its claim, Anubis posted sample images of files it says it stole from SRHS, including intimate images of surgeries and injuries.
Singing River Health System has not acknowledged Anubis’ claim and Comparitech cannot independently verify its authenticity. We do not know how attackers breached SRHS, if it paid a ransom, or how much Anubis demanded. Comparitech contacted SRHS for comment and will update this article if it replies.
“The investigation determined that the unauthorized party accessed SRHS’s systems between December 19, 2025 and December 21, 2025. Through this investigation, on February 10, 2026, we learned that the unauthorized party had accessed certain SRHS files that contained patient information,” SRHS said in a data breach notice posted to its website on May 19, 2026.
SRHS offered breach victims free credit monitoring through IDX.
The December 2025 data breach was not SRHS’ first tangle with ransomware. Following an August 2023 data breach, it notified 895,204 people that their Social Security numbers and medical info had been compromised. Another ransomware group called Rhysida took credit and demanded $777,000.
SRHS was also impacted by a 2024 ransomware attack on Change Healthcare, which prompted SRHS to change payment processors.
Who is Anubis?
Anubis is a ransomware group that first surfaced in late 2024. Its malware both steals data and lock down infected computer systems. Anubis operates a ransomware-as-a-service scheme in which affiliates pay Anubis to use its malware and infrastructure to launch attacks and collect ransoms.
Anubis has claimed responsibility for 74 ransomware attacks in total. Of those, 14 were confirmed by the organizations it attacked, and half of those were healthcare providers. They include:
- Pound Road Medical Center (Australia) reported a November 2024 data breach
- Ambleside (NC) reported an August 2024 data breach
- Dermatology Associates of Concord (MA) reported a September 2025 data breach
- AllerVie Health (TX) reported an October 2025 data breach
- Mid-South Pulmonary & Sleep Specialists (TN) reported a November 2025 data breach
- Signature Healthcare (MA) reported an April 2026 data breach
In 2026 to date, Anubis has made 35 attack claims. So far, three have been confirmed by the targeted organizations.
Ransomware attacks on US healthcare
Comparitech researchers logged 143 confirmed ransomware attacks on US hospitals, clinics, and other healthcare providers in 2025. Those attacks compromised more than 12.3 million records.
In 2026 to date, we’ve recorded 17 such attacks. Some other recently confirmed claims include:
- Clarinda Regional Health Center (IA) notified 24,341 people of an October 2025 data breach claimed by LockBit
- Western Orthopaedics (CO) notified 113,330 people of a September 2025 data breach claimed by PEAR
- Central Medical Services of Westrock (NY) reported a May 2026 data breach claimed by INC
- Nottingham Village (PA) notified 7,919 people of a November 2025 data breach claimed by Qilin
- Rivertown Surgery Center (SC) notified 1,426 people in South Carolina of a September 2025 data breach claimed by Qilin
- NJ Pain Care Specialists (NJ) reported a February 2026 data breach claimed by Lynx
Ransomware attacks on hospitals, clinics, and other care providers can steal data and lock down infected computer systems. They can cripple critical systems and endanger the health, privacy, and security of patients. Infected hospitals and clinics must pay a ransom or face extended downtime, data loss, and putting patients and staff at increased risk. Hospitals and clinics might resort to pen and paper, cancel appointments, and divert patients elsewhere until systems are restored.
About Singing River Health System
The Singing River Health System is a group of three hospitals, four pharmacies, two hospice services, and dozens of other clinics and specialty centers in the Mississippi Gulf Coast area. It includes the Ocean Springs Hospital, Pascagoula Hospital, and Singing River Gulfport.
According to its website, SRHS is the second-largest employer in Jackson County with more than 3,500 employees, and it cares fore more than 100,000 patients per year.