On January 27, 2025, Frederick Health Medical Group (a Maryland-based healthcare network with 25+ locations) announced a ransomware attack that compromised the protected health information of 934,326 patients. Attackers targeted a shared drive rather than the electronic medical records system. Stolen data included names, addresses, dates of birth, Social Security numbers, driver’s license numbers, medical record numbers, health insurance information, and clinical care information. No ransomware group claimed responsibility and no data has appeared on dark web forums. At least five class action lawsuits were filed alleging negligence. Frederick Health engaged third-party cybersecurity experts for investigation and remediation.