When did the Black Hills Regional Eye Institute ransomware attack occur?

Black Hills Regional Eye Institute detected suspicious activity within its network on January 8, 2025. The investigation confirmed that patient information was accessed and stolen during this incident.

What types of patient information were compromised in the Black Hills Regional Eye Institute breach?

The exposed data includes names, dates of birth, Social Security numbers, dates of service, driver's license numbers, insurance information, diagnostic treatment information, medical record numbers, medical histories, medication treatment locations, medications, provider names, surgical information, and credit card information.

How many patients were affected by the Black Hills Regional Eye Institute data breach?

The number of impacted individuals has not been disclosed by Black Hills Regional Eye Institute. While the Qilin ransomware group claimed to have obtained 200 GB of data, the exact number of affected patients remains unknown.

When did Black Hills Regional Eye Institute report the ransomware attack publicly?

Black Hills Regional Eye Institute publicly reported the incident on August 29, 2025, approximately 7 months and 3 weeks after the initial detection on January 8, 2025. The organization is notifying affected individuals by mail.

How much data did the Qilin ransomware group claim to steal from Black Hills Regional Eye Institute?

The Qilin ransomware group alleged they had obtained 200 GB of data from Black Hills Regional Eye Institute during the cyberattack. This represents a significant amount of potentially sensitive patient and organizational information.

What should patients of Black Hills Regional Eye Institute do if they were affected?

Affected patients should take advantage of the free credit monitoring services offered by the institute, especially if their Social Security numbers were compromised. They should also monitor their financial accounts, consider placing fraud alerts or credit freezes, watch for suspicious medical billing, and be vigilant for identity theft attempts given the comprehensive medical and financial information that was exposed.

What type of healthcare facility is Black Hills Regional Eye Institute?

Black Hills Regional Eye Institute is an eye care provider located in Rapid City, South Dakota, that provides specialized ophthalmology and eye care services to patients in the region.

Incident

Black Hills Regional Eye Institute reports ransomware attack

Q: What support is Black Hills Regional Eye Institute offering to affected patients?

Black Hills Regional Eye Institute is offering individuals whose Social Security numbers were compromised free credit monitoring services. The organization is also notifying affected individuals by mail about the incident.

published: Aug. 30, 2025

Learn More

Black Hills Regional Eye Institute, an eye care provider located in Rapid City, South Dakota, is reporting a ransomware attack that exposed sensitive patient information.

On January 8, 2025, Black Hills Regional Eye Institute detected suspicious activity within its network. The investigation confirmed that patient information was accessed and stolen.

The cyberattack was claimed by the Qilin ransomware group. The hackers alleged they had obtained 200 GB of the institute's data. The exposed data includes:

Names
Dates of birth
Social Security numbers
Dates of service
Driver's license numbers
Insurance information
Diagnostic treatment information
Medical record numbers
Medical histories
Medication treatment locations
Medications
Provider names
Surgical information
Credit card information

The number of impacted individuals is not disclosed.

Black Hills Regional Eye Institute publicly reported the incident on Aug. 29, 2025 and is notifying affected individuals by mail. The eye care organization is offering individuals whose Social Security numbers were compromised free credit monitoring services.

Black Hills Regional Eye Institute reports ransomware attack

Read More
Aroostook Mental Health Services (AMHC) Ransomware Attack by …
City of Durant ransomware attack disrupts municipal services
General Physician, PC reports data breach exposing patient …
Mayanei Hayeshua Medical Center targeted by ransomware, shuts …
Dentistry.One reports data breach exposing patient information