Nonprofit U.S. healthcare provider AspenPointe has said it suffered a major data breach in September that resulted in the loss of the personal and medical information of 295,617 patients.