Marlboro-Chesterfield Pathology Data Breach Impacted 235,911 Individuals

In a major cybersecurity incident, Marlboro-Chesterfield Pathology (MCP), a North Carolina-based lab, has suffered a significant data breach. The attack, carried out by the ransomware group SafePay, resulted in the theft of sensitive personal information from over 235,000 individuals.

MCP, founded in 1990 in Pinehurst, NC, is a full-service lab offering molecular, cytology, and pathology testing. Known for its advanced digital and molecular facilities, MCP provides FDA-approved diagnostics to support physicians and patients across the Carolinas. However, on January 16, 2025, threat actors gained unauthorized access to internal systems, compromising the security of the organization.

The company launched an investigation into the incident and took immediate action to secure its systems. Law enforcement was notified, and steps were taken to delete the stolen personal information. MCP identified affected individuals by March 31, 2025, and promptly notified them about the breach.

Impact of the Breach

The data breach exposed highly sensitive personal details, including:

  • Names
  • Addresses
  • Birth dates
  • Medical treatment information

The stolen information varied by individual, and MCP emphasized that there had been no reports of identity theft so far. In response to the breach, the company strengthened its network defenses, brought in forensic experts to investigate, and secured its systems.

Company Response and Notification

MCP notified the US Department of Health and Human Services (HHS) that the data breach impacted 235,911 individuals. The company cooperated fully with law enforcement's investigation and ensured that their efforts did not delay the notification process.

The data breach notification sent to affected individuals read: “On or around January 16, 2025, we experienced unauthorized activity on certain of our internal IT systems. Based on our subsequent investigation, we determined that an unauthorized party accessed our systems and acquired certain records from our systems.”

Ransomware Attack

MCP suggested that the organization suffered a ransomware attack, but it is not clear if they paid any ransom to the attackers or if the stolen data has been leaked online.

As of now, the ransomware group has not added MCP to its leak site, and no further information on the incident is available. The company continues to take steps to ensure the security of their systems and protect their customers' sensitive information.

Stay Safe Online

This data breach highlights the importance of cybersecurity awareness and the need for organizations to prioritize data protection. Individuals can also take steps to protect themselves by using strong passwords, enabling two-factor authentication, and monitoring their personal data for any suspicious activity.

Follow us on Twitter: @securityaffairs and Facebook and Mastodon for more updates on this incident and cybersecurity news.