WorldLeaks claims data breach of Myrtue Medical Center

Myrtue Medical Center, a hospital serving Harlan and Shelby County communities in Iowa, was hit by a data breach discovered on June 13, 2025, when suspicious activity was detected on the hospital's computer systems. 

The hospital disconnected remote access capabilities to prevent further unauthorized entry, changed administrative credentials across their network infrastructure and engaged a specialized third-party cybersecurity firm to conduct an investigation.

The incident exposed sensitive patient and organizational data. WorldLeaks claimed responsibility for the breach on June 24, 2025, posting their claim on the Tor dark web network. WorldLeaks has alleged that they successfully accessed and exfiltrated approximately 1.2 terabytes of data from Myrtue Medical Center's network. Myrtue Medical Center has not yet confirmed the exact accuracy of the claims.

The types of exposed data and the number of affected individuals has also not been disclosed.

Myrtue Medical Center has established a dedicated toll-free hotline to address questions and concerns related to the data breach incident. The hospital has committed to sending written notification letters via U.S. mail to all affected individuals once the forensic investigation is completed and the full scope of the breach is determined.

The organization has advised potentially affected individuals to monitor their financial accounts and credit reports for unauthorized activity as a precautionary measure.