Horizon Behavioral Health Becomes Victim of Ransomware Attack

The incident occurred in March.

By HFT Staff


On March 16, 2025, Horizon Behavioral Health discovered issues with their computer systems and quickly determined they were the victim of a ransomware incident. Horizon immediately took steps to stop the ransomware and engaged outside cybersecurity experts to investigate this event.  Based on their investigation, it appears the incident began on or around March 13, 2025.  Between March 13, 2025, and March 16, 2025, information from Horizon’s systems may have been inappropriately accessed and/or obtained by an unauthorized user. 

The data impacted differed by individual and mostly pertained to information about insurance claims. Information involved may have included one or more of the following types of information: demographic information (such name, Social Security number, address, ZIP code, driver’s license number, date of birth, or similar identifier), clinical information (which may include diagnosis/conditions, medications, or other treatment information), or information related to insurance or claims information. 

Horizon have notified state and federal law enforcement, including the FBI’s Cyber Crimes Division, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), and the Cyber Fusion Center of the Virginia State Police. Horizon is supporting all law enforcement investigations into this matter. 

Horizon is continuing to evaluate additional actions to strengthen their network security in the face of an ever-evolving cyber threat landscape. 



May 8, 2025


Topic Area: Information Technology , Security


Recent Posts

Partnering on Personnel: Strategies for Success

Environmental services in healthcare have special staffing circumstances. They must meet stringent compliance standards and maintain accreditations.


Kaiser Permanente Opens First Two Medical Offices in Northern Nevada

These are part of its joint venture with Renown Health.


Acadia Healthcare Reports Data Breach

This incident did not disrupt Acadia’s operations or its ability to care for patients.


Site Selection Mistakes: What Not To Do

Healthcare providers that treat site selection as a strategic decision, not a simple real estate deal, will be positioned for long-term success.


High-Performance EFCO Systems Shape MUSC's New Black River Medical Center

Case study: A sweeping curved-glass entrance, impact-resistant envelope and energy-efficient fenestration support a sustainable, resilient design for one of South Carolina’s newest rural hospitals.


 
 


FREE Newsletter Signup Form

News & Updates | Webcast Alerts
Building Technologies | & More!

 
 
 


All fields are required. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.