Two cybercriminal groups now say they hacked Insight Hospital & Medical Center in Chicago.
Insight Chicago recently posted a notice about an August 2025 data breach that compromised the following info:
- Names
- Social Security numbers
- Dates of birth
- State-issued ID numbers (e.g. passport, driver’s license)
- Financial account info
- Treatment-related info
- Health insurance info
Two cybercriminal groups claim they’ve hacked Insight Chicago and stolen data. Today, a ransomware group called Termite said it stole 360 GB of data from the hospital. And in December 2025, another group called LockBit said it stole 200 GB.
Insight Chicago has not acknowledged either group’s claim and Comparitech cannot verify their authenticity. We do not know how attackers breached the hospital’s network, if Insight Chicago paid a ransom, or how much ransom the two groups demanded. Comparitech contacted Insight Chicago for comment and will update this article if it replies.
“In September 2025, we learned of unusual activity within its network,” says Insight Chicago’s notice (PDF) to breach victims. “The investigation determined that an unauthorized individual accessed the network between August 22, 2025 and September 11, 2025 along with certain files and data stored within the network.”
The notice does not mention any offer of free credit monitoring or identity theft protection, which is the status quo following a breach of this severity.
Who are Termite and LockBit?
Termite and LockBit are both cybercriminal groups that deploy ransomware against targets to steal data and lock down target systems. LockBit is an older and more infamous operation, while Termite is younger and less well-known.
LockBit took credit for 133 data breaches in 2025, and 10 of those were confirmed by the targeted organizations.
Recently, Hennessy Advisors notified 12,643 people of a March 2025 data breach claimed by LockBit.
In 2026 to date, LockBit has claimed responsibility for six more confirmed attacks including one on Mt. Spokane Pediatrics in January.
Termite logged seven confirmed attacks in 2025. One targeted Genea, a healthcare company in Australia.
Ransomware attacks on US healthcare
Comparitech researchers tracked 122 confirmed ransomware attacks on US hospitals, clinics, and other healthcare providers in 2025.
Some other recently-confirmed such attacks include:
- Greater Pittsburgh Orthopedic Associates notified 56,954 people of an August 2025 data breach claimed by RansomHouse
- New Age Dermatology reported a December 2025 ransomware attack
- Virginia Urology notified 1,893 people of a November 2025 data breach claimed by MS13-089
In 2026, we’ve so far confirmed attacks on Pecan Tree Dental, which notified 13,300 people of a breach claimed by Sinobi, and the University of Mississippi Medical Center, which is still recovering systems at time of writing.
Ransomware attacks on US hospitals, clinics, and other care providers can steal data and lock down infected computer systems. They can cripple critical systems and endanger the health, privacy, and security of patients. Infected hospitals and clinics must pay a ransom or face extended downtime, data loss, and putting patients and staff at increased risk. Hospitals and clinics might resort to pen and paper, cancel appointments, and divert patients elsewhere until systems are restored.
About Insight Chicago
Formerly Mercy Hospital and Medical Center, Insight Hospital and Medical Center is a 414-bed hospital in Chicago, IL. Insight Health Systems bought and renamed the hospital in 2021.
