When did the Melwood ransomware attack occur?

The incident took place between August 9 and August 17, 2025.

What data was stolen in the Melwood breach?

The stolen data includes full names, Social Security numbers, home addresses, and other sensitive personal information.

What services is Melwood offering to victims?

Melwood is providing 12 months of free identity and credit monitoring services through Cyberscout.

How many people were affected by the Melwood breach?

Filings indicate that approximately 4,614 individuals were affected by the breach.

Incident

Melwood Ransomware Attack and Data Breach

Q: Who is responsible for the Melwood data breach?

The Sinobi ransomware group claimed responsibility for the attack.

published: Jan. 28, 2026

Learn More

Melwood, a Maryland-based nonprofit serving people with disabilities, reports a data breach following a ransomware attack claimed by the Sinobi group.

Attackers broke into the network between August 9 and August 17, 2025, accessed and copied sensitive files from the organization's systems.

The Sinobi ransomware group claimed responsibility for the hit on September 8, 2025. Melwood's investigation confirmed that unauthorized actors moved through the network and stole data before the organization could stop the activity. The exposed data includes:

Full names
Social Security numbers
Home addresses
Other sensitive PII

The number of affected individuals is not disclosed. Melwood notified the authorities and is providing 12 months of free identity and credit monitoring.

Security experts suggest placing fraud alerts or credit freezes on credit files to prevent identity theft.

Melwood Ransomware Attack and Data Breach

Read More
Center for Creative Leadership reports data breach
Brightpoint social services agency reports data breach
Charity Extern reporting data breach after ransomware attack
German aid organization Welthungerhilfe hit by ransomware attack
The North Los Angeles County Regional Center reports …