Sensitive data belonging to 160,312 Americans is at risk following a cybersecurity incident at Southern Illinois Dermatology. The U.S. Department of Health and Human Services Office for Civil Rights confirmed the breach involved a network server.
The healthcare firm discovered in November 2025 that its network had been compromised. An investigation revealed that unauthorized parties accessed or acquired files containing personal and protected health information in March.
Potentially compromised data includes names, addresses, dates of birth, Social Security numbers, phone numbers, email addresses, and medical record numbers. The company stated there was no indication of identity theft or fraud at the time of notification.
Reports indicate unauthorized access to patient data storage areas, with files possibly copied. Notification letters were issued in April 2026. Southern Illinois Dermatology is strengthening its cybersecurity measures.