South Country Health Alliance Company CyberSecurity Posture

mnscha.org
ISOSOC2 Type 1SOC2 Type 2PCI DSSHIPAAGDPR

South Country Health Alliance is a county-based purchasing health plan serving eight Minnesota counties - Brown, Dodge, Goodhue, Kanabec, Sibley, Steele, Wabasha and Waseca - in a joint effort to support accessible, quality health care through partnerships with community services and local providers for Minnesota Health Care Program enrollees.

South Country Health Alliance A.I CyberSecurity Scoring

SCHA

Company Details

Linkedin ID:

south-country-health-alliance

Website:

http://www.mnscha.org

Employees number:

71

Number of followers:

457

NAICS:

62

Industry Type:

Hospitals and Health Care

Homepage:

mnscha.org

IP Addresses:

Scan still pending

Company ID:

SOU_1086423

Scan Status:

In-progress

AI scoreSCHA Risk Score (AI oriented)

Between 650 and 699

https://images.rankiteo.com/companyimages/south-country-health-alliance.jpeg
SCHA Hospitals and Health Care
Updated:
  • Powered by our proprietary A.I cyber incident model
  • Insurance preferes TPRM score to calculate premium
globalscoreSCHA Global Score (TPRM)

XXXX

https://images.rankiteo.com/companyimages/south-country-health-alliance.jpeg
SCHA Hospitals and Health Care
  • Instant access to detailed risk factors
  • Benchmark vs. industry & size peers
  • Vulnerabilities
  • Findings

South Country Health Alliance

Weak
Current Score
676
B (Weak)
01000
2 incidents
-64.0 avg impact

Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.

DECEMBER 2025
740
Breach
11 Dec 2025 • South Country Health Alliance: Wabasha County officials issue warning about data breach
Wabasha County Emergency Notification System Data Breach

**Wabasha County Data Breach Exposes Resident Information via Emergency Notification System** Wabasha County, Minnesota, officials disclosed a data breach affecting its emergency notification system, OnSolve CodeRED, after a forensic investigation confirmed unauthorized access by an organized cybercriminal group. The incident, first reported to the county’s emergency management office in November, involved the potential exfiltration of user data, including names, addresses, email addresses, phone numbers, and passwords tied to the CodeRED platform. In a December 10 Facebook statement, the Wabasha County Sheriff’s Office revealed that the compromised system had been disabled and that the county is transitioning to an upgraded emergency notification system. While the investigation remains ongoing, officials urged residents who reused the exposed CodeRED password for other accounts to update their credentials immediately. The breach highlights vulnerabilities in third-party emergency alert systems, raising concerns about the security of sensitive resident data. Wabasha County Emergency Management Director Brenda Tomlinson is available for further inquiries at 651-565-3069 or via email.

676
critical -64
SOU1765499305
Incident Details -
Type
Data Breach
Impact
Data Compromised: Users' names, addresses, email addresses, phone numbers, and passwords Systems Affected: OnSolve CodeRED emergency notification system Operational Impact: System disabled and being replaced Brand Reputation Impact: Potential impact due to apology and public disclosure Identity Theft Risk: High due to exposure of personally identifiable information
Response
Third Party Assistance: Forensic investigation Containment Measures: Compromised system disabled Remediation Measures: Replacing with an improved emergency notification system Communication Strategy: Public advisory via Facebook and contact information for inquiries
Data Breach
Type Of Data Compromised: Personally identifiable information (PII) Sensitivity Of Data: High (names, addresses, email addresses, phone numbers, passwords) Data Exfiltration: Data may have been removed from the system Personally Identifiable Information: Names, addresses, email addresses, phone numbers, passwords
Recommendations
Change passwords for any accounts using the same password as CodeRED
Investigation Status
Ongoing
Customer Advisories
Strong encouragement to change passwords for any accounts using the same password as CodeRED
Stakeholder Advisories
Public advisory to change passwords and contact emergency management for inquiries
Post Incident Analysis
Corrective Actions: Replacing the compromised system with an improved emergency notification system
References
Blog URL Source URL
NOVEMBER 2025
740
OCTOBER 2025
739
SEPTEMBER 2025
739
AUGUST 2025
738
JULY 2025
738
JUNE 2025
737
MAY 2025
731
APRIL 2025
730
MARCH 2025
730
FEBRUARY 2025
729
JANUARY 2025
729
JUNE 2020
762
Breach
25 Jun 2020 • South Country Health Alliance
South Country Health Alliance Email Account Breach

The Maine Office of the Attorney General reported that South Country Health Alliance (SCHA) experienced unauthorized access to an employee email account on June 25, 2020, discovered on September 14, 2020. A total of 66,874 individuals were affected, including 3 residents of Maine who were notified on December 30, 2020. Personal information potentially compromised includes Social Security Numbers.

677
high -85
SOU853080425
Incident Details -
Type
Data Breach
Attack Vector
Email Compromise
Vulnerability Exploited
Unauthorized Access
Impact
Social Security Numbers Employee Email Account
Data Breach
Social Security Numbers Sensitivity Of Data: High
Initial Access Broker
Entry Point: Email Account
References
Blog URL Source URL

Frequently Asked Questions

According to Rankiteo, the current A.I.-based Cyber Score for South Country Health Alliance is 676, which corresponds to a Weak rating.

According to Rankiteo, the A.I. Rankiteo Cyber Score for November 2025 was 740.

According to Rankiteo, the A.I. Rankiteo Cyber Score for October 2025 was 739.

According to Rankiteo, the A.I. Rankiteo Cyber Score for September 2025 was 739.

According to Rankiteo, the A.I. Rankiteo Cyber Score for August 2025 was 738.

According to Rankiteo, the A.I. Rankiteo Cyber Score for July 2025 was 738.

According to Rankiteo, the A.I. Rankiteo Cyber Score for June 2025 was 737.

According to Rankiteo, the A.I. Rankiteo Cyber Score for May 2025 was 731.

According to Rankiteo, the A.I. Rankiteo Cyber Score for April 2025 was 730.

According to Rankiteo, the A.I. Rankiteo Cyber Score for March 2025 was 730.

According to Rankiteo, the A.I. Rankiteo Cyber Score for February 2025 was 729.

According to Rankiteo, the A.I. Rankiteo Cyber Score for January 2025 was 729.

Over the past 12 months, the average per-incident point impact on South Country Health Alliance’s A.I Rankiteo Cyber Score has been -64.0 points.

You can access South Country Health Alliance’s cyber incident details on Rankiteo by visiting the following link: https://www.rankiteo.com/company/south-country-health-alliance.

You can find the summary of the A.I Rankiteo Risk Scoring methodology on Rankiteo by visiting the following link: Rankiteo Algorithm.

You can view South Country Health Alliance’s profile page on Rankiteo by visiting the following link: https://www.rankiteo.com/company/south-country-health-alliance.

With scores of 18.5/20 from OpenAI ChatGPT, 20/20 from Mistral AI, and 17/20 from Claude AI, the A.I. Rankiteo Risk Scoring methodology is validated as a market leader.