Richmond Behavioural Health Authority Data Breach Impacts Nearly 115,000 Individuals

A data security incident earlier this year at Richmond Behavioral Health Authority, a Virginia-based mental health service provider, exposed the sensitive personal information of nearly 115,000 individuals.

 

The Richmond Behavioural Health Authority (RBHA) is a Virginia-based community agency providing mental health, substance use, and developmental services to residents of Richmond, serving as a regional hub for care and crisis intervention.

 

In a data security incident notice published on its website, RBHA said that on September 30, it identified issues within its computer network. The healthcare provider’s immediately launched an investigation, with assistance from external cyber security experts, to determine the nature and scope of the incident.

 

“Our investigation revealed that malicious actors gained access to RBHA’s network on or about September 29, 2025, and deployed ransomware to encrypt portions of the network. The malicious actors’ network access was terminated as soon as it was detected,” RBHA said.

 

The compromised data included names, Social Security numbers, passport numbers, financial account information and health information. In a filing with the U.S. Department of Health and Human Services Office for Civil Rights, RBHA said that it has identified at least 113,232 individuals impacted by the incident.

 

“RBHA has implemented additional security measures designed to further protect the privacy of our students, staff and partners. Among other steps taken, we engaged a leading strategic service provider to monitor our cybersecurity systems, reviewed our system’s architecture, and implemented stronger policies to prevent future attacks,” RBHA added.

 

RBHA has urged all affected individuals to remain vigilant and monitor their credit reports and financial statements for any suspicious activities and to report suspicious activities to relevant law enforcement authorities and their banks. 

 

 

 

The Qilin ransomware group claimed it had breached RBHA’s internal network, naming the healthcare provider as a victim on its data leak site. The group alleged it had obtained 192 GB of sensitive data and released samples to substantiate its claims.