Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
Coos County Family Health Services

Coos County Family Health Services Vendor Cyber Rating & Cyber Score

coosfamilyhealth.org

We're a nonprofit, community-based organization dedicated to improving the health and well-being of North Country residents, regardless of income or insurance status. We offer a broad range of health and social services to children and adults including primary care, pediatrics, women's health, podiatry, behavioral health, oral health, and programs that address the needs of survivors of domestic violence and sexual assault.


CCFHS A.I CyberSecurity Scoring

CCFHS
Company Information
Website:http://www.coosfamilyhealth.org
Employees number:7
Number of followers:34
NAICS:71394
Industry Type:Wellness and Fitness Services
Homepage:coosfamilyhealth.org
CCFHS Risk Score (AI oriented)
Between 0 and 549
logo
CCFHSWellness and Fitness Services
Updated:
03/04/2026
484/1000
Critical
C
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
CCFHS Global Score (TPRM)
xxxx
logo
CCFHSWellness and Fitness Services
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

CCFHS
CCFHSCritical
Current Score
484C (CRITICAL)
01000
4 incidents
-80 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
505Before Incident
JUNE 2026
501Before Incident
MAY 2026
494Before Incident
APRIL 2026
489Before Incident
MARCH 2026
483Before Incident
FEBRUARY 2026
477Before Incident
JANUARY 2026
471Before Incident
DECEMBER 2025
458Before Incident
NOVEMBER 2025
457Before Incident
OCTOBER 2025
527Before Incident
Breach
14 Oct 2025CCFHS
Coos County Family Health Services

Coos County Family Health Services Data Breach

447After Incident
CRITICAL-80
COO4792447101425
Coos County Family Health Services, a New Hampshire-based healthcare provider, experienced a cybersecurity incident resulting in the unauthorized access of personally identifiable information (PII) and protected health information (PHI) of approximately 40,000 individuals. The compromised data included names, dates of birth, contact details, Social Security numbers, and sensitive health records. The breach exposed patients to risks such as identity theft, financial fraud, and medical fraud, given the highly sensitive nature of the leaked information. The incident prompted a legal investigation by Lynch Carpenter, LLP, a national class-action law firm, which is assessing claims for potential compensation on behalf of affected individuals. The breach underscores significant vulnerabilities in the healthcare provider’s data security measures, raising concerns over compliance with HIPAA and other data protection regulations. The exposure of SSNs and PHI amplifies the severity, as such data can be exploited for long-term fraudulent activities, severely impacting the victims' financial and personal well-being.
INCIDENT DETAILS -
TYPE
Data Breach
IMPACT
PII (names, dates of birth, contact information, Social Security numbers)PHIBrand Reputation Impact: Potential (class action investigation initiated)Legal Liabilities: Potential (Lynch Carpenter, LLP investigating claims)Identity Theft Risk: High (PII and SSNs exposed)
DATA BREACH
PIIPHINumber Of Records Exposed: 40,000Sensitivity Of Data: High (includes SSNs and PHI)Data Exfiltration: Yes (records obtained by unauthorized person)NamesDates of birthContact informationSocial Security numbers
SEPTEMBER 2025
525Before Incident
AUGUST 2025
519Before Incident
JULY 2025
664Before Incident
Ransomware
01 Jul 2025CCFHS
Coos County Family Health Services

Cyberattack on Coos County Family Health Services

507After Incident
CRITICAL-157
COO2692626101025
Coos County Family Health Services, a New Hampshire-based healthcare provider, suffered a ransomware attack in July 2025, where an unauthorized actor infiltrated its internal network and exfiltrated sensitive patient data. The breach exposed personally identifiable information (PII) and protected health information (PHI)—including names, dates of birth, contact details, Social Security numbers, medical IDs, and clinical records—of 40,185 current and former patients. The Run Some Wares ransomware group claimed responsibility, posting stolen data on a dark web forum. The incident triggered regulatory disclosures to the U.S. Department of Health and Human Services, as well as notifications to affected individuals in New Hampshire, Maine (1,222 residents), and Massachusetts (365 residents). The organization responded by securing systems, engaging law enforcement, and offering 12 months of free credit monitoring and identity protection services to victims. The breach poses risks of identity theft, financial fraud, and targeted phishing attacks leveraging exposed health and personal data.
INCIDENT DETAILS -
TYPE
Data BreachRansomware Attack
IMPACT
Personally Identifiable Information (PII)Protected Health Information (PHI)Internal network systemsBrand Reputation Impact: Potential reputational damage due to exposure of sensitive patient dataIdentity Theft Risk: High (due to exposure of SSNs, medical IDs, and other sensitive data)
DATA BREACH
NamesDates of birthContact informationSocial Security numbersMedical identification numbersMedical informationSensitivity Of Data: High (includes PII and PHI)Data Exfiltration: Likely (claimed by 'Run Some Wares' on dark web)
APRIL 2023
664Before Incident
Breach
28 Apr 2023CCFHS
Coos Health & Wellness

Coos Health & Wellness Data Breach (2023)

603After Incident
CRITICAL-61
COO029091825
The Maine Office of the Attorney General disclosed a data breach affecting Coos Health & Wellness (CHW) on December 16, 2023, stemming from an unauthorized network access (hacking) incident that occurred on April 28, 2023. The breach compromised sensitive personal and medical data of at least one Maine resident, including Social Security numbers and medical information. Such exposed data heightens risks of identity theft, financial fraud, and misuse of protected health information (PHI). In response, CHW has provided 12 months of identity theft protection services via IDX to mitigate potential harm. The incident underscores vulnerabilities in healthcare cybersecurity, where even limited exposures can have severe repercussions for individuals due to the sensitivity of the leaked data. The breach’s scope—though reported as affecting a single resident—raises concerns about broader systemic weaknesses, potential underreporting, or targeted exploitation of high-value personal records.
INCIDENT DETAILS -
TYPE
Data Breach
IMPACT
Social Security numbersmedical informationIdentity Theft Risk: High (SSN and medical data exposed)
DATA BREACH
Social Security numbersmedical informationNumber Of Records Exposed: 1Sensitivity Of Data: HighPersonally Identifiable Information: Yes
SEPTEMBER 2021
768Before Incident
Ransomware
01 Sep 2021CCFHS
Coös County Family Health Services (CCFHS)

Coös County Family Health Services Data Breach (July 2025)

620After Incident
CRITICAL-148
COO0492404101025
Coös County Family Health Services (CCFHS), a New Hampshire-based community healthcare provider, suffered a ransomware attack in July 2025, confirmed by the Run Some Wares group in August. The breach exposed 40,185 individuals' sensitive data, including names, dates of birth, contact details, Social Security numbers, medical IDs, and medical records. The attack began with suspicious activity on July 9, 2025, leading to unauthorized server access, where data was potentially viewed or copied. The incident follows a previous ransomware attack in September 2021, highlighting recurring vulnerabilities. While CCFHS has not officially confirmed the ransomware claim, it is offering 12 months of free credit monitoring to affected individuals. The breach aligns with a broader trend of rising ransomware attacks on US healthcare, with 6.2 million records compromised across 63 confirmed incidents in 2025 alone. The attack disrupted operations, risked patient privacy, and reinforced the sector’s susceptibility to data theft and system encryption by cybercriminal groups.
INCIDENT DETAILS -
TYPE
Data BreachRansomware Attack (unconfirmed)
MOTIVATION
Financial Gain (presumed)Data Theft (presumed)
IMPACT
Phone systemsServersBrand Reputation Impact: High (healthcare data breach affecting 40,185 individuals)Identity Theft Risk: High (SSNs and medical data exposed)
DATA BREACH
NamesDates of birthContact informationSocial Security numbers (SSNs)Medical identification numbersMedical informationSensitivity Of Data: High (PII and PHI)Data Exfiltration: Possible (unconfirmed if data was copied)

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for CCFHS ?
?
What was CCFHS's A.I Rankiteo Cyber Score in June 2026 ?
?
What was CCFHS's A.I Rankiteo Cyber Score in May 2026 ?
?
What was CCFHS's A.I Rankiteo Cyber Score in April 2026 ?
?
What was CCFHS's A.I Rankiteo Cyber Score in March 2026 ?
?
What was CCFHS's A.I Rankiteo Cyber Score in February 2026 ?
?
What was CCFHS's A.I Rankiteo Cyber Score in January 2026 ?
?
What was CCFHS's A.I Rankiteo Cyber Score in December 2025 ?
?
What was CCFHS's A.I Rankiteo Cyber Score in November 2025 ?
?
What was CCFHS's A.I Rankiteo Cyber Score in October 2025 ?
?
What was CCFHS's A.I Rankiteo Cyber Score in September 2025 ?
?
What was CCFHS's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on CCFHS's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with CCFHS ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view CCFHS's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?