SCC A.I CyberSecurity Scoring
SCC
Company Information
Website:https://southwestcare.org/
Employees number:92
Number of followers:815
NAICS:621
Industry Type:Medical Practices
Homepage:southwestcare.org
SCC Risk Score (AI oriented)
Between 0 and 549
SCCMedical Practices
Updated:
03/04/2026
03/04/2026
441/1000
Critical
C
SCC Global Score (TPRM)
xxxx
SCCMedical Practices
Score locked

SCCCritical
Current Score
441C (CRITICAL)
01000
3 incidents
-169 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
467
JUNE 2026
463
MAY 2026
453
APRIL 2026
448
MARCH 2026
440
FEBRUARY 2026
600
Ransomware
25 Feb 2026 • SCC
Southwest Care Center: Southwest Care Center Data Breach Lawsuit Investigation
Southwest Care Center Hit by MEDUSA Ransomware Attack, Exposing Sensitive Patient Data
431
CRITICAL-169
SOU1772052507
Southwest Care Center Hit by MEDUSA Ransomware Attack, Exposing Sensitive Patient Data
Southwest Care Center, a New Mexico-based nonprofit healthcare provider serving communities since 1996, disclosed a ransomware attack that compromised sensitive patient data. The incident, detected on June 3, 2025, was claimed by the MEDUSA ransomware group, which threatened to publish 143.9 GB of stolen data on the dark web. The breach was publicly acknowledged on June 27, 2025, when the group posted details on the Tor network.
After discovering the attack, Southwest Care Center engaged forensic specialists to secure its systems and assess the breach. By December 18, 2025, the investigation confirmed that unauthorized access may have exposed personally identifiable information (PII) and protected health information (PHI), including first and last names, personal details, and medical records. Affected individuals were notified via written letters, and a public notice was posted on the organization’s website.
Southwest Care Center operates multiple clinics in Santa Fe and Albuquerque, providing HIV/AIDS care, primary care, behavioral health, and pharmacy services to a diverse patient population. The law firm Shamis & Gentile P.A. is investigating the breach for potential legal action on behalf of impacted individuals.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
JANUARY 2026
597
DECEMBER 2025
594
NOVEMBER 2025
591
OCTOBER 2025
588
SEPTEMBER 2025
585
AUGUST 2025
582
JUNE 2025
693
Ransomware
03 Jun 2025 • SCC
Southwest Care Center: Southwest Care Center Data Breach: 143.9 GB Compromised
Southwest Care Center Hit by MEDUSA Ransomware Attack, Exposing Sensitive Patient Data
572
CRITICAL-121
SOU1772052995
Southwest Care Center Hit by MEDUSA Ransomware Attack, Exposing Sensitive Patient Data
On June 3, 2025, Southwest Care Center, a nonprofit healthcare provider in New Mexico, detected a cybersecurity incident that prompted an immediate response. The organization engaged third-party forensic experts to secure its systems and assess the scope of unauthorized access.
By June 27, 2025, the MEDUSA ransomware group claimed responsibility, posting on the dark web that it had exfiltrated 143.9 GB of data from the organization. The group threatened to publish the stolen information within 11 to 12 days unless demands were met.
An investigation concluded on December 18, 2025, revealing that the breach may have exposed sensitive personal and protected health information (PHI), including names and other personally identifiable data. Southwest Care Center published a notice of the incident on its website and began notifying affected individuals.
In response, the organization is offering 12 months of complimentary credit monitoring and identity theft protection services to those impacted. A dedicated call center has been established for further inquiries. The incident underscores the ongoing threat ransomware groups pose to healthcare providers and the potential risks to patient privacy.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
JANUARY 2025
755
Breach
01 Jan 2025 • SCC
Oracle Health, Christus Health and Southwest Care Center: Christus Health, Southwest Care Center warn patients of possible data security incidents
Christus Health and Southwest Care Center Data Security Incidents
687
CRITICAL-68
SOUORACHR1771993857
Christus Health and Southwest Care Center Alert New Mexico Patients to Separate Data Security Incidents
In January 2025, an unauthorized user accessed sensitive patient data through a breach at Oracle Health (formerly Cerner Corp.), a laboratory information software vendor used by Christus Health. The exposed information spanning records predating February 2025 includes names, Social Security numbers, lab orders, blood bank records, diagnoses, medications, and test results. While Christus Health’s systems remained unaffected, the organization is collaborating with Oracle to identify and notify impacted individuals.
Separately, Southwest Care Center, which operates clinics in Santa Fe and Albuquerque, disclosed a June 2025 cybersecurity incident where an unauthorized party may have acquired patient data. The center has since strengthened its technical safeguards but has not found evidence of data misuse. However, affected patients have filed a class-action lawsuit in Santa Fe’s First Judicial District Court, alleging negligence in protecting their information and increased risks of identity theft.
Both incidents reflect the growing threat of third-party vendor breaches in healthcare, a trend highlighted by the FBI’s 2024 cybercrime reports. Christus Health and Southwest Care Center are working with regulators to address the fallout, though litigation remains pending. The breaches underscore vulnerabilities in interconnected healthcare systems and the challenges providers face in securing patient data.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for SCC ??
What was SCC's A.I Rankiteo Cyber Score in June 2026 ??
What was SCC's A.I Rankiteo Cyber Score in May 2026 ??
What was SCC's A.I Rankiteo Cyber Score in April 2026 ??
What was SCC's A.I Rankiteo Cyber Score in March 2026 ??
What was SCC's A.I Rankiteo Cyber Score in February 2026 ??
What was SCC's A.I Rankiteo Cyber Score in January 2026 ??
What was SCC's A.I Rankiteo Cyber Score in December 2025 ??
What was SCC's A.I Rankiteo Cyber Score in November 2025 ??
What was SCC's A.I Rankiteo Cyber Score in October 2025 ??
What was SCC's A.I Rankiteo Cyber Score in September 2025 ??
What was SCC's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on SCC's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with SCC ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view SCC's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?