The Mount Rogers Community Services Board in western Virginia has notified 38,191 people about an April 2025 data breach that compromised the following patient info:
- Names
- Social Security Numbers
- Addresses
- Dates of birth
- Insurance and claims info
- Medical info including:
- Diagnoses
- Conditions
- Medications
- Dates of service
- Other treatment info
Additionally, the breach exposed info about some Mount Rogers staff and their dependents:
- Names
- Social Security numbers
- Addresses
- Dates of birth
- Driver’s license numbers
- Medical info
- Benefits enrollment info
- Health insurance numbers
Ransomware gang Inc took credit for the breach in June 2025. To prove its claim, Inc posted sample images of what it says are documents stolen from Mount Rogers.
Mount Rogers has not verified Inc’s claim. We do not know if Mount Rogers paid a ransom, how much Inc demanded, or how attackers breached the Mount Rogers’ network. Comparitech contacted Mount Rogers for comment and will update this article if it replies.
“On or about April 29, 2025, Mount Rogers discovered issues with our computer systems and quickly determined we were the victim of a ransomware incident,” says Mount Rogers’ notice to victims. “Between April 27, 2025, and April 29, 2025, information from Mount Rogers’ systems may have been inappropriately accessed and/or obtained by an unauthorized user.”
Mount Rogers is offering victims free credit and identity monitoring services. Eligible recipients should get instructions on how to enroll in the mail, or they can make a direct request via email.
Who is Inc?
Inc Ransomware emerged in July 2023 and targets a wide range of victims in healthcare, education, and government. Its methods involve spear phishing and exploiting known vulnerabilities in software. Once infected, Inc’s malware both steals data and locks down computer systems until a ransom is paid to unlock them.
The group has taken credit for 116 confirmed ransomware attacks in total, plus 292 unconfirmed claims that haven’t been publicly acknowledged by the targeted organizations.
12 of Inc’s confirmed attacks struck healthcare providers, including:
- The Vascular Experts (Southern Connecticut Vascular Center) notified 154,417 people of a May 2025 data breach
- Gardner Orthopedics notified 47,000 people of an April 2025 data breach
- Orthopaedic Specialists of Connecticut notified 22,541 people of a March 2025 data breach
Ransomware attacks on US healthcare
In 2025 to date, Comparitech researchers have logged 53 confirmed ransomware attacks on US hospitals, clinics, and other direct care providers, compromising 3.4 million records. The average ransom demand is $507,000.
Other recently confirmed such attacks include:
- Highlands Oncology Group notified 113,575 people of a January 2025 data breach for which ransomware group Medusa demanded a $700,000 ransom
- West Texas Oral Facial Surgery notified 11,151 people of a May 2025 data breach claimed by Inc
- Good Samaritan Health Center of Cobb reported a November 2024 cyber attack claimed by Qilin
- WPM Pathology Laboratory notified 5,694 people of a November 2024 data breach claimed by Fog
Ransomware attacks on healthcare providers can cripple critical systems and endanger the health, privacy, and security of patients. Targeted companies must pay a ransom or face extended downtime, data loss, and putting patients and staff at increased risk of fraud. Hospitals and clinics might have to resort to pen and paper, cancel appointments, and divert patients elsewhere until systems are restored.
About the Mount Rogers Community Services Board
Mount Rogers Community Services is a not-for-profit organization that helps people with mental and physical disabilities and substance abuse disorders. It operates 10 locations in Wytheville, Galax, Marion, and Independence, Virginia. They include adult counseling centers, youth and family services, and walk-in crisis care centers. Mount Rogers is governed by a 14-member board of directors.
