MHBI A.I CyberSecurity Scoring
MHBI
Company Information
Website:http://macthealth.org
Employees number:95
Number of followers:267
NAICS:71394
Industry Type:Wellness and Fitness Services
Homepage:macthealth.org
MHBI Risk Score (AI oriented)
Between 550 and 599
MHBIWellness and Fitness Services
Updated:
31/03/2026
31/03/2026
576/1000
Very Poor
Ca
MHBI Global Score (TPRM)
xxxx
MHBIWellness and Fitness Services
Score locked

MHBIVery Poor
Current Score
576Ca (VERY POOR)
01000
2 incidents
-104 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
588
JUNE 2026
585
MAY 2026
580
APRIL 2026
579
MARCH 2026
574
FEBRUARY 2026
570
JANUARY 2026
568
DECEMBER 2025
565
NOVEMBER 2025
697
Ransomware
25 Nov 2025 • MHBI
MACT Health Board and Jefferson Blount St. Clair: Birmingham mental health authority warns 30,000+ people of data breach that leaked SSNs and medical info
Ransomware Attack on Alabama Mental Health Provider Exposes 30,000 Patients’ Data
561
CRITICAL-136
MACJBS1770408307
Ransomware Attack on Alabama Mental Health Provider Exposes 30,000 Patients’ Data
The Jefferson Blount St. Clair (JBS) Mental Health Authority in Birmingham, Alabama, has disclosed a November 2025 ransomware attack affecting 30,434 individuals. The breach compromised sensitive personal and medical data, including names, Social Security numbers, health insurance details, dates of birth, diagnoses, treatment records, and Medicare/Medicaid information, spanning records from 2011 to 2025.
The ransomware group Medusa claimed responsibility on December 23, 2025, demanding a $200,000 ransom to destroy 168.6 GB of stolen data. The group posted sample documents as proof, though their authenticity remains unverified. JBS has not confirmed Medusa’s involvement, nor disclosed whether a ransom was paid or how the breach occurred. The organization’s notice to victims did not include offers of credit monitoring or identity theft protection.
Medusa, active since 2019 and operating a ransomware-as-a-service (RaaS) model, has increasingly targeted healthcare providers. In 2025 alone, the group claimed 35 confirmed attacks over half in the healthcare sector exposing 1.76 million individuals’ data. Healthcare victims faced an average ransom demand of $454,000.
The JBS incident is part of a broader surge in healthcare ransomware attacks in 2025. Comparitech researchers recorded 113 confirmed attacks on U.S. hospitals and clinics, compromising 8.9 million patients’ records. Other recent breaches include:
- Neurological Associates of Washington (13,500 victims, claimed by DragonForce)
- MACT Health Board (Rhysida demanded $662,000)
- Alpine Ear, Nose & Throat (65,648 victims, claimed by BianLian)
Such attacks disrupt critical systems, forcing providers to cancel appointments, divert patients, or revert to manual records, while exposing sensitive data to potential misuse.
JBS operates four mental health facilities across Jefferson, Blount, and St. Clair counties in Alabama. The full impact of the breach remains under investigation.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
NOVEMBER 2025
768
Breach
12 Nov 2025 • MHBI
MACT Health Board Inc.: Mact Health Board Data Breach Lawsuit Investigation
MACT Health Board Data Breach Exposes Sensitive Patient and Employee Information
696
CRITICAL-72
MAC1769447270
MACT Health Board Data Breach Exposes Sensitive Patient and Employee Information
MACT Health Board Inc., a nonprofit tribal healthcare provider serving communities across five California counties Mariposa, Amador, Alpine, Calaveras, and Tuolumne reported a data breach that compromised sensitive personally identifiable information (PII). The organization, which operates multiple medical, dental, behavioral health, and pharmacy clinics, detected unauthorized access to its IT systems between November 12 and November 20, 2025.
An investigation, supported by third-party forensic experts and law enforcement, confirmed that exposed data included names, Social Security numbers, medical records (diagnoses, treatment details, insurance information), driver’s license numbers, and other sensitive records. The review of affected files was completed on January 9, 2026.
Affected individuals were notified and offered 12 months of free credit monitoring through Experian IdentityWorks, along with identity theft insurance. The breach has prompted legal action, with law firm Shamis & Gentile P.A. investigating potential compensation claims for those impacted.
MACT Health Board serves American Indian and Alaska Native populations, providing culturally sensitive healthcare to thousands in California’s Sierra Nevada region. The incident underscores the growing risks to healthcare data security and the potential long-term consequences for affected individuals.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
OCTOBER 2025
768
SEPTEMBER 2025
768
AUGUST 2025
768
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for MHBI ??
What was MHBI's A.I Rankiteo Cyber Score in June 2026 ??
What was MHBI's A.I Rankiteo Cyber Score in May 2026 ??
What was MHBI's A.I Rankiteo Cyber Score in April 2026 ??
What was MHBI's A.I Rankiteo Cyber Score in March 2026 ??
What was MHBI's A.I Rankiteo Cyber Score in February 2026 ??
What was MHBI's A.I Rankiteo Cyber Score in January 2026 ??
What was MHBI's A.I Rankiteo Cyber Score in December 2025 ??
What was MHBI's A.I Rankiteo Cyber Score in November 2025 ??
What was MHBI's A.I Rankiteo Cyber Score in October 2025 ??
What was MHBI's A.I Rankiteo Cyber Score in September 2025 ??
What was MHBI's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on MHBI's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with MHBI ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view MHBI's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?