Marlboro-Chesterfield Pathology Data Breach Exposes Social Security Numbers and Health Records

Healthcare data breach illustration
Breach Discovery: January 2025Breach Notification: May 2025

What Happened in the Marlboro-Chesterfield Pathology Data Breach?

Marlboro-Chesterfield Pathology, a molecular, cytology, and pathology service provider based in Pinehurst, North Carolina, suffered a ransomware attack that led to a major data breach. The attack was carried out by the SafePay ransomware group. As a result, the personal and health information of hundreds of thousands of people ended up in criminal hands.

According to the company, unauthorized access to its network occurred in January 2025. This means attackers were inside the system before anyone noticed the intrusion. Once discovered, the company brought in forensic specialists to determine the scope of the incident.

The investigation confirmed that attackers accessed sensitive files containing personal and medical information. Because pathology labs store highly sensitive health data, the exposure was especially serious. The Marlboro-Chesterfield Pathology data breach ultimately affected 235,911 individuals, according to the forensic findings.

After completing its review, the company began notifying affected individuals in May 2025. This notification triggered a wave of concern among patients whose data had been compromised. It also led directly to legal action against the organization.

Who was affected?

The breach affected patients whose samples or records were processed through Marlboro-Chesterfield Pathology’s systems. Because the company provides pathology and diagnostic testing services, most affected individuals are likely patients rather than employees. This means the exposure directly touches people who may not have had any direct relationship with the lab itself, since referring physicians often send specimens for testing.

In total, 235,911 individuals had their data compromised in the attack. This is a large number for a single healthcare provider, and it suggests the breach reached patients across a wide geographic area. The source does not specify whether minors were among those affected, but pathology testing often includes patients of all ages, so this remains a possibility.

What Information Was Potentially Exposed?

The forensic investigation confirmed that several categories of sensitive personal and health information were accessed during the attack. This combination of data types makes the breach particularly concerning for those affected.

  • Full names
  • Dates of birth
  • Social Security numbers
  • Protected health information

Because Social Security numbers were exposed, affected individuals face a heightened risk of identity theft. Criminals can use this information to open new credit accounts, file fraudulent tax returns, or apply for loans in someone else’s name. As a result, victims may not notice the damage until they check their credit reports or receive unexpected bills.

In addition, the exposure of protected health information raises the risk of medical identity theft. This can involve criminals using someone’s identity to obtain medical services or prescriptions. Because health records often reveal sensitive diagnoses or treatment history, their exposure can also lead to privacy harms beyond financial fraud.

What is the company doing?

Once Marlboro-Chesterfield Pathology identified the unauthorized access, it launched a forensic investigation to determine what happened and which records were involved. This investigation confirmed the scope of the compromised data before the company notified affected individuals in May 2025. The company also worked to secure its network following the intrusion.

In response to the class action lawsuit that followed, Marlboro-Chesterfield Pathology agreed to a settlement, though it maintains there was no wrongdoing. Under the terms of the agreement, the company will cover attorneys’ fees, settlement administration costs, and a service award for the class representative. Additionally, affected individuals are entitled to a one-year membership in a credit monitoring and identity theft protection service that includes a $1 million identity theft insurance policy.

What Should Affected Individuals Do?

Monitor Your Credit Reports Closely

Affected individuals should regularly check their credit reports for signs of unauthorized activity. Because Social Security numbers were exposed, new accounts could be opened without your knowledge. Checking reports from all three major credit bureaus gives a fuller picture of any suspicious activity.

You can request free credit reports annually through the official government-authorized website. If you notice unfamiliar accounts or inquiries, report them immediately. Acting quickly can limit the damage caused by identity thieves.

Consider a Fraud Alert or Credit Freeze

Because sensitive financial identifiers like Social Security numbers were compromised, placing a fraud alert or credit freeze is a smart precaution. A fraud alert requires creditors to verify your identity before opening new accounts. A credit freeze goes further, blocking access to your credit file entirely.

Both options are free to set up with each credit bureau. Although a credit freeze offers stronger protection, it also requires you to lift it temporarily when applying for new credit. Either way, this step can meaningfully reduce your risk of fraudulent account openings.

Protect Against Medical Identity Theft

Since protected health information was exposed, affected individuals should watch for signs of medical identity theft. This can include unfamiliar charges on medical bills or notices about services you never received. Reviewing explanation-of-benefits statements from your insurer can help catch problems early.

If you notice anything unusual, contact your healthcare provider and insurer right away. You should also request a copy of your medical records to check for inaccuracies. This helps ensure your medical history remains accurate and free of fraudulent entries.

Enroll in the Offered Identity Protection Service

As part of the settlement, affected individuals are entitled to a one-year membership in a credit monitoring and identity theft protection service. This service includes $1 million in identity theft insurance. Enrolling is a straightforward way to add an extra layer of protection at no cost.

Because this benefit is available regardless of whether you file a claim for reimbursement, there is little reason not to take advantage of it. Signing up promptly ensures you receive monitoring coverage as soon as possible. This can help you catch suspicious activity before it causes lasting harm.

Stay Alert for Phishing Attempts

After a data breach, scammers often use stolen information to craft convincing phishing emails or phone calls. These messages may pretend to be from Marlboro-Chesterfield Pathology, a bank, or a government agency. As a result, it’s important to verify the identity of anyone requesting personal information before responding.

Never click on links or provide sensitive details in response to unsolicited messages. Instead, contact the organization directly using a verified phone number or website. This simple habit can prevent scammers from gaining further access to your personal information.



More Information

Official data breach notification from Oregon Department of Justice

Related Data Breaches