NeuroSav Sends Breach Notifications to Hacking Incident Victims

Georgia’s Neurological Institute of Savannah & Center for Spine (NeuroSav) reported a data breach that happened in the summer of 2024. A potential data breach reported in August 2024 mentioned that NeuroSav was added to the RansomHub ransomware group’s dark web data leak site. RansomHub stated it exfiltrated many gigabytes of information but did not encrypt the files.

In April 15, 2025, NeuroSav published a breach notice on its website. The healthcare provider mentioned that an unauthorized third party obtained some files from its computer systems from June 1, 2024, to July 21, 2024. A prominent cybersecurity company investigated the security incident to determine the scope of data theft. On or about January 24, 2025, NeuroSav established that the stolen information included sensitive patient information. The types of information included differed from one person to another and might have involved patient names together with at least one of these data: birth dates, diagnoses/medical conditions, MRI imaging scans, laboratory test results, prescription drugs, medical record numbers, claims data, CPT codes, subscriber numbers, and Social Security numbers for some individuals.

NeuroSav is sending breach notification letters to the 32,548 individuals affected by the incident, and is offering free credit monitoring services. NeuroSav stated it did not know of any incident that used stolen information for identity theft or fraud. As per NeuroSav, it already took steps to protect sensitive patient information before the breach and has been improving those safety measures since. The improvements include the following steps:

• Adopting extra encryption technologies
• Global password rotation through all access points and programs
• Adding new and regular technical safety measures
• Providing extra HIPAA training to the employees