Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
St. Mary's Medical Center, San Francisco

St. Mary's Medical Center, San Francisco Vendor Cyber Rating & Cyber Score

stmarysmedicalcenter.org

St. Mary's Medical Center, sponsored by the Sisters of Mercy and part of Dignity Health, has cared for the people of the San Francisco Bay Area since 1857. Today, it is one of the largest not-for-profit, community-based health care providers in Northern California. We believe in our city. We started health care in San Francisco. And are as committed today as we were in 1857. We believe in kindness . Through charity, advocacy and compassion.


SMMCSF A.I CyberSecurity Scoring

SMMCSF
Company Information
Website:http://www.stmarysmedicalcenter.org/
Employees number:161
Number of followers:0
NAICS:62
Industry Type:Hospitals and Health Care
Homepage:stmarysmedicalcenter.org
SMMCSF Risk Score (AI oriented)
Between 750 and 799
logo
SMMCSFHospitals and Health Care
Updated:
12/06/2026
794/1000
Fair
Baa
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
SMMCSF Global Score (TPRM)
xxxx
logo
SMMCSFHospitals and Health Care
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

SMMCSF
SMMCSFFair
Current Score
794Baa (FAIR)
01000
1 incidents
-39 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
795Before Incident
JUNE 2026
794Before Incident
MAY 2026
794Before Incident
APRIL 2026
832Before Incident
Breach
09 Apr 2026SMMCSF
Dignity Health, St. Mary’s Medical Center and Clinical Registry Solutions: Clinical Registry Solutions Data Breach Exposes Sensitive Patient Data

Cyberattack on Clinical Registry Solutions Exposes Patient and Employee Data

793After Incident
CRITICAL-39
DIGST-CLI1781224155
Cyberattack on Clinical Registry Solutions Exposes Patient and Employee Data Brooklyn-based healthcare data management firm Clinical Registry Solutions (CRS) disclosed a data breach affecting patient information it maintained for St. Mary’s Medical Center, a Dignity Health hospital. CRS, which provides clinical data abstraction and registry support to healthcare providers, detected suspicious activity on its network on April 9, 2026, prompting an immediate investigation. The company confirmed that an unauthorized party accessed its systems on the same day, acquiring files containing patient data from St. Mary’s Medical Center. According to CRS’s notification, the exposed information included names, medical record numbers, and procedure dates classified as both personally identifiable information (PII) and protected health information (PHI). The company clarified that Social Security numbers, diagnoses, and treatment plans were not part of the compromised patient data. However, on May 6, 2026, the Akira ransomware group claimed responsibility for the attack via a Tor-based dark web posting, asserting it had exfiltrated 41 GB of data from CRS. The group’s claims extended beyond patient records, alleging the theft of employee PII including passports, driver’s licenses, and Social Security numbers as well as corporate documents, financial records, payment details, contracts, and non-disclosure agreements. The discrepancy between CRS’s disclosure and Akira’s claims remains unresolved. CRS reported the breach to the California Attorney General and stated it found no evidence of misuse of the exposed data for fraud or identity theft. The company engaged Cyberscout (a TransUnion subsidiary) to manage breach notifications, sending letters to affected individuals with guidance on fraud alerts, credit freezes, and credit monitoring. A dedicated call center was established for inquiries, operating Monday through Friday from 8:00 a.m. to 8:00 p.m. EST. The incident highlights the risks of third-party vendor breaches in healthcare, where sensitive data is often shared across multiple entities. While CRS has taken steps to mitigate the fallout, the full scope of the exposure particularly regarding employee and corporate records remains under scrutiny.
INCIDENT DETAILS -
TYPE
Data Breach, Ransomware
MOTIVATION
Data exfiltration, Financial gain
IMPACT
Data Compromised: 41 GBSystems Affected: Clinical Registry Solutions networkBrand Reputation Impact: HighLegal Liabilities: PotentialIdentity Theft Risk: HighPayment Information Risk: High
DATA BREACH
Personally Identifiable Information (PII)Protected Health Information (PHI)Employee PIICorporate documentsFinancial recordsPayment detailsContractsNon-disclosure agreementsSensitivity Of Data: HighData Exfiltration: Yes (41 GB)NamesMedical record numbersProcedure datesPassportsDriver’s licensesSocial Security numbers
MARCH 2026
832Before Incident
FEBRUARY 2026
832Before Incident
JANUARY 2026
832Before Incident
DECEMBER 2025
832Before Incident
NOVEMBER 2025
832Before Incident
OCTOBER 2025
832Before Incident
SEPTEMBER 2025
832Before Incident
AUGUST 2025
832Before Incident

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for SMMCSF ?
?
What was SMMCSF's A.I Rankiteo Cyber Score in June 2026 ?
?
What was SMMCSF's A.I Rankiteo Cyber Score in May 2026 ?
?
What was SMMCSF's A.I Rankiteo Cyber Score in April 2026 ?
?
What was SMMCSF's A.I Rankiteo Cyber Score in March 2026 ?
?
What was SMMCSF's A.I Rankiteo Cyber Score in February 2026 ?
?
What was SMMCSF's A.I Rankiteo Cyber Score in January 2026 ?
?
What was SMMCSF's A.I Rankiteo Cyber Score in December 2025 ?
?
What was SMMCSF's A.I Rankiteo Cyber Score in November 2025 ?
?
What was SMMCSF's A.I Rankiteo Cyber Score in October 2025 ?
?
What was SMMCSF's A.I Rankiteo Cyber Score in September 2025 ?
?
What was SMMCSF's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on SMMCSF's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with SMMCSF ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view SMMCSF's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?