Liberty Resources reports ransomware attack, data breach exposing patient data

Liberty Resources, Inc., a nonprofit behavioral health, physical health, and social services agency based in Syracuse, New York, is reporting a data breach that exposed sensitive personal and protected health information of patients. 

The breach was claimed by the RHYSIDA ransomware group and listed the company on its dark web portal on August 15, 2024, threatening to publish the information within seven days while demanding a ransom of 20 Bitcoin, valued at approximately $1.2 million at the time. Liberty Resources did not pay the ransom, and the group subsequently released proof-of-concept documents including passport scans and other sensitive materials.

The investigation concluded that attackers breached the network and stole sensitive files between July 8 and July 22, 2024.

The compromised data includes:

• Names
• Addresses
• Dates of birth
• Social Security numbers
• Driver's license numbers
• Government-issued identification numbers
• Medical information
• Health insurance information
• Certain financial information

Liberty Resources reported the incident to the Massachusetts Attorney General's office on November 20, 2025. It's not clear why the notification took more than a year after the incident.

The total number of impacted individuals is not disclosed. The organization is offering complimentary identity theft protection services to affected individuals which includes credit and cybesecurity monitoring, a $1 million insurance reimbursement policy, and fully managed identity theft recovery services.