Cyberattack at Hampton Regional Medical Center exposed patient data

Hampton Regional Medical Center in Varnville, South Carolina, has disclosed a cybersecurity incident that may have compromised sensitive patient information. The general acute care hospital said suspicious activity was detected in its computer systems on or around July 16, 2025. A subsequent investigation revealed that an unauthorized party gained access to certain systems between June 18 and July 16, potentially exposing and copying patient data.

The hospital confirmed that files accessed during the intrusion contained personal and health-related information. Data potentially exposed includes names, dates of birth, Social Security numbers, driver’s license or state identification numbers, demographic details, and medical records. Officials said the ongoing review of affected files will determine which individuals were impacted and the specific information involved.

At this stage, the total number of patients affected remains unknown. Hampton Regional said it will mail notification letters once the file review is complete. In the meantime, patients are urged to take precautions against possible identity theft and fraud. Recommendations include monitoring financial account statements, reviewing free annual credit reports, and checking explanation of benefits statements for suspicious activity.

Hospital officials emphasized that additional administrative and technical safeguards are being implemented to strengthen system security. Policies and procedures are also under review in response to the incident.

Hampton Regional is the latest healthcare provider to confront the risks of data breaches in the sector, where attackers increasingly target hospitals and medical centers due to the high value of patient records on illicit markets.